Global SOX IT Program Manager

The Tesla IT Internal Audit team's mission is to protect the company by calling attention to critical risks and driving management action to address those risks. Internal projects are driven by two guiding principles - Keep Tesla Safe and Enable Operational Excellence. The Team achieves its objective by collaborating with functional and business/product groups to identify areas of risk, making valuable recommendations on process and control improvements, cost reduction, and operational excellence.

Tesla is seeking an experienced Program Manager to lead the IT Internal Audit plan in the complex areas of Information Security, Data Privacy, System Development, and Technology Risk Management. The expectation of this role will be to design and implement data-driven audit programs which enhance the effectiveness of IT operations and enable sustainable control. The successful candidate, who should be able to demonstrate a "can do" attitude and "go getter" personality.

• Plan, manage, and report on phases of IT SoX program which includes but is not limited to lead walkthrough, oversee testing and communicate results to stakeholders (ITGCs, Application controls , IPE testing, SOC review, etc)

• Lead technical evaluations on system implementation, emerging technology and automations, and partner with business and IT stakeholders for continued SoX compliance

• Assist continuous risk management and oversight functions by staying apprised, engaged, and trained in emerging technologies and technology risks which feed into the development of IT risk assessments and audit programs

• Bachelor's Degree in MIS/AIS

• 7+ years of experience in technology risks and compliance, internal audit and/or public accounting (Big 4 preferred), or equivalent

• Strong understanding of technology processes (e.g. change management, access security, automations, computer operations) and application controls for end users

• Advanced understanding of internal control and the demonstrated ability to interpreting complex issues, assessing risks and facilitating discussions with management to implement corrective actions

• At least one professional certification required such as CISA, CISSP, or other applicable professional certification