Senior It Auditor

Ultimate Software is seeking an IT Controls Analyst to work with teams across the company to identify and make recommendations on information risk and control optimization. The ideal candidate has prior IT auditor experience and is familiar with SaaS (Software-as-a-Service) Architecture, Cloud and Virtualization, Security, Support and Operations. This technical role requires prior experience auditing SaaS solutions operating in public cloud providers. The IT Controls Analyst position involves defining and conducting assessments and providing consulting services to management and users on information and systems risk and compliance. We look for folks who pay attention to detail and love finding creative and thoughtful solutions to a variety of compliance challenges. If that sounds like you apply today.

Here at Ultimate Software, we truly put our people first. We strongly believe in teamwork, and we encourage and trust our people to reach higher, learn more, and live up to their potential. Ultimate is ranked #1 on Fortune's “Best Places to Work in Technology” for 2018 and #3 on the “100 Best Companies to Work For” list in 2018. Ultimate is also ranked #1 on the Fortune’s “100 Best Workplaces for Millennials” for 2017 and #3 on its "Best Workplaces for Diversity” list for 2017.

Primary Duties and Responsibilities:

  • Conduct compliance assessments by understanding business objectives, structure, policies and procedures, internal controls, and external regulations
  • Document systems, processes and controls using narratives
  • Assess the effectiveness of internal controls over key IT risk
  • Identify and recommend business process changes resulting in strengthened internal controls
  • Collaborate with control owners to implement process changes and track to completion
  • Advise and collaborate on projects by providing IT controls expertise and considerations
  • Apply knowledge and expertise to compliance design challenges
  • Assess readiness of product/service for certification and/or audit
  • Guide control owners in establishing operational processes and controls for SaaS solutions operating in a cloud provider
Required Qualifications:

  • 3+ years of experience in security or compliance, performing and/or participating in technical assessments of complex IT environments
  • Experience in performing technical security assessments within cloud environments
  • Experience with cloud security and working with cloud providers (GCP, MS Azure, AWS)
Preferred Qualifications:

  • Understanding of Information Security frameworks and best practices (e.g.: ISO 27001/2, NIST, COBIT, Cloud Security Alliance - Cloud Controls Matrix)
  • Understanding of virtualization and virtualization technologies
  • A clear understanding of cloud computing services/deployment architecture
  • Experience in conducting IT controls assessments based on ISO 27001/27002 and 27018, SOC 1 and SOC 2 Type 2
  • Experience defining certification roadmaps and guiding control owners in documenting their control activities
Education/Certification/License:

  • Bachelors in Management Information Systems or related areas
  • CISA, CISSP, CIA or CRISC preferred
  • CCSP (Cloud Certified Security Professional) preferred
  • Cloud Platform Certification preferred
Travel Requirement:Occasional travel may be expected

This job description has been written to include the general nature of work performed. It is not designed to contain a comprehensive detailed inventory of all duties, responsibilities and qualifications required of employees assigned to this job.


Meet Some of Ultimate Software's Employees

DeAndrea M.

Rapid Response Professional

DeAndrea provides support to customers in need of assistance with pay services, human resources, and employment databases—and also helps troubleshoot any problems implementing the software.

Lindsey R.

Account Manager

Lindsey’s job entails building relationships with customers and making sure that her 25 accounts are always happy—and that their questions and issues are handled properly and successfully.


Back to top