Director of ITGC/SOX
BuzzFeed, Los Angeles, New York, or Minneapolis
The social news and entertainment company.
BuzzFeed is the world’s leading tech-powered, diversified media company that reaches hundreds of millions of people globally through its cross-platform news and entertainment network. The company produces articles, lists, quizzes, videos, and original series; lifestyle content through brands including Tasty, the world’s largest social food network; original reporting and investigative journalism through BuzzFeed News and HuffPost; an industry-leading affiliate business, strategic partnerships, licensing and product development through BuzzFeed Commerce; and original productions across broadcast, cable, SVOD, film and digital platforms for BuzzFeed Studios.
BuzzFeed is hiring a Director, SOX IT General Controls in our NY, LA or MN offices to operationalize and mature the security risk management program. This role will be heavily focused on managing ITGC requirements and communicating security risk across BuzzFeed, from internal operations to third-party vendors. We’re looking for a self-motivated individual who thrives in fast-paced environments, can seamlessly drive efforts with multiple stakeholders to accomplish bold things, and who sees risk as something to manage pragmatically.
You should understand that it is really a matter of good business strategy to embrace SOX principles to strengthen the internal control environment. The right candidate will drive the implementation of a robust and complete information technology internal controls program and have extensive Sarbanes-Oxley compliance and technology experience. The ideal candidate will also have a proven track record of working within a high-growth organization and influencing and educating senior leaders on the concepts of information technology general and application controls.
- Be responsible for all phases of BuzzFeed’s ongoing information technology internal controls program from planning through reporting.
- Design/develop the relevant ITGC controls
- Execute the coordination and implementation of SOX ITGC controls by partnering with control owners, Internal Audit and Risk teams, and external auditors
- Collaborate with the control owners and stakeholders to resolve control deficiencies
- Track execution of the ITGC project plan, reporting, training and communications.
- Educate, evaluate and advise business partners on internal SOX ITGC risks, controls, and mitigation in a large, sophisticated and constantly evolving environment
- Collaborate with the control owners and stakeholders to ensure that SOX ITGC risks and controls are appropriately considered, identified early and proactively handled in the project development lifecycle
- Manage SOX related impacts of changes to the business, such as new revenue streams and new system implementations
- Develop and maintain an understanding of the internal control framework and processes to identify risks
- Understand the ITGC structure of the systems and architecture
- Develop relevant SOX ITGC documentation
- Execute the quarterly and annual SOX ITGC processes
- 5+ years of experience working on security risk management
- Previous experience in a cloud environment, preferably AWS and/or Azure
- Deep understanding of the internal control framework (specifically COSO and COBIT) and a solid understanding of the concepts of control design and operational efficiency
- Strong knowledge of SOX requirements and ability to assist with documentation of ITGC and financial process controls to support operational as well as SOX compliance audits, including performing walkthroughs and developing process flow charts
- Strong risk management experience, including: performing assessments and audits, crafting controls, leading enterprise control frameworks, and prioritizing risk
- Comfortable working with both deeply technical and non-technical audiences
- Develop relationships in a highly cross functional environment and drive alignment across internal organizations
- Highly responsive and have a customer first mindset
- Flexibility in daily hours (i.e., willingness to work longer hours during end of quarter, peak periods and audits)
The Technical Details
- 7+ years of relevant experience, including leading technical staff
- 5+ years of leading SOX ITGC teams
- 5+ years of experience with SOX compliance programs
- Deep understanding of enterprise-grade Identity Provider solutions such as Okta
- Expert-level knowledge of enterprise SaaS applications, including Financial Systems, HRIS, and Technology Platforms.
- Previous experience at a technology or SaaS company in similar role
- Certifications, such as, but not limited to CISA, CISM, CISSP, CPA, CIA
All job applications must be received through the official BuzzFeed Jobs board (https://www.buzzfeed.com/about/jobs), including referrals. It is BuzzFeed's practice to not schedule job interviews until after an application is submitted through our jobs board.
Life at BuzzFeed
At BuzzFeed, we believe our work benefits from the diverse perspectives of our employees. As such, BuzzFeed celebrates inclusion and is committed to equal opportunity employment. At BuzzFeed, you can expect:
- A supportive, inclusive atmosphere on a team that values your contributions
- Opportunities for personal and professional growth through work experience, offerings from our in-house Learning @ BuzzFeed team, our Employee Resource Groups, and more
- An attractive and equitable compensation package, including salary and stock options
- A generous benefits program featuring PTO, unlimited sick time, comprehensive medical benefits, a family leave policy, access to mental health platforms, retirement plans, gym and wellness discounts, and much more.
BuzzFeed is the world’s leading tech-powered media company, with a cross-platform news and entertainment network that reaches hundreds of millions of people globally. The company aims to spread truth and joy across the internet by producing articles, lists, quizzes, videos, original series; lifestyle content through brands including Tasty, the world’s largest social food network; original reporting and investigative journalism through BuzzFeed News; strategic partnerships, licensing and product development through BuzzFeed Marketing; and original productions across broadcast, cable, SVOD, film and digital platforms for BuzzFeed Studios.
BuzzFeed is proud to be an equal opportunity workplace. All qualified applicants will receive consideration for employment without regard to, and will not be discriminated against based on age, race, gender, color, religion, national origin, sexual orientation, gender identity, veteran status, disability or any other protected category.
New media giant, BuzzFeed, attracts over 200 million unique visitors per month, or more quantifiably, everybody on your newsfeed, all the time.
Check out some videos we filmed with their recruiting team to learn how you can land a job at BuzzFeed.
Be a Better BuzzFeed Candidate
Learn skills and get an insider's look at BuzzFeed when you watch classes taught by their top employees.
Want to learn more about BuzzFeed? Visit BuzzFeed's website.
Palantir builds software that connects data, technologies, humans and environments.
Tech Jobs For You
Senior Full-Stack Engineers (Front-End Web and Tools Development)
Boxed, New York City, NY, United States, San Mateo, CA, United S...