Senior It Auditor
Ultimate Software is seeking an IT Controls Analyst to work with teams across the company to identify and make recommendations on information risk and control optimization. The ideal candidate has prior IT auditor experience and is familiar with SaaS (Software-as-a-Service) Architecture, Cloud and Virtualization, Security, Support and Operations. This technical role requires prior experience auditing SaaS solutions operating in public cloud providers. The IT Controls Analyst position involves defining and conducting assessments and providing consulting services to management and users on information and systems risk and compliance. We look for folks who pay attention to detail and love finding creative and thoughtful solutions to a variety of compliance challenges. If that sounds like you apply today.
Here at Ultimate Software, we truly put our people first. We strongly believe in teamwork, and we encourage and trust our people to reach higher, learn more, and live up to their potential. Ultimate is ranked #1 on Fortune's “Best Places to Work in Technology” for 2018 and #3 on the “100 Best Companies to Work For” list in 2018. Ultimate is also ranked #1 on the Fortune’s “100 Best Workplaces for Millennials” for 2017 and #3 on its "Best Workplaces for Diversity” list for 2017.
Primary Duties and Responsibilities:
- Conduct compliance assessments by understanding business objectives, structure, policies and procedures, internal controls, and external regulations
- Document systems, processes and controls using narratives
- Assess the effectiveness of internal controls over key IT risk
- Identify and recommend business process changes resulting in strengthened internal controls
- Collaborate with control owners to implement process changes and track to completion
- Advise and collaborate on projects by providing IT controls expertise and considerations
- Apply knowledge and expertise to compliance design challenges
- Assess readiness of product/service for certification and/or audit
- Guide control owners in establishing operational processes and controls for SaaS solutions operating in a cloud provider
- 3+ years of experience in security or compliance, performing and/or participating in technical assessments of complex IT environments
- Experience in performing technical security assessments within cloud environments
- Experience with cloud security and working with cloud providers (GCP, MS Azure, AWS)
- Understanding of Information Security frameworks and best practices (e.g.: ISO 27001/2, NIST, COBIT, Cloud Security Alliance - Cloud Controls Matrix)
- Understanding of virtualization and virtualization technologies
- A clear understanding of cloud computing services/deployment architecture
- Experience in conducting IT controls assessments based on ISO 27001/27002 and 27018, SOC 1 and SOC 2 Type 2
- Experience defining certification roadmaps and guiding control owners in documenting their control activities
- Bachelors in Management Information Systems or related areas
- CISA, CISSP, CIA or CRISC preferred
- CCSP (Cloud Certified Security Professional) preferred
- Cloud Platform Certification preferred
This job description has been written to include the general nature of work performed. It is not designed to contain a comprehensive detailed inventory of all duties, responsibilities and qualifications required of employees assigned to this job.
Meet Some of Ultimate Software's Employees
Rapid Response Professional
DeAndrea provides support to customers in need of assistance with pay services, human resources, and employment databases—and also helps troubleshoot any problems implementing the software.
Back to top