Infosec Audit Manager

Our Company

Changing the world through digital experiences is what Adobe's all about. We give everyone-from emerging artists to global brands-everything they need to design and deliver exceptional digital experiences! We're passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen.

We're on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours!

The Opportunity

Adobe's Risk Advisory and Assurance Service (RAAS) function formally Global Audit is seeking an experienced Information Security professional who will be leading efforts to assess the design and effectiveness of Information Security & Technology controls across Adobe's technology landscape. The candidate must have a good insight and understanding of the Technology and Cyber Security risks in line with regulatory and other compliance requirements. This position will be based in Adobe's San Jose Office.

What You'll Do

• Work under the supervision and mentorship of the RAAS Group Manager to plan, scope, and evaluate the design and effectiveness of the internal controls (On-prem and Public Cloud).

• Working with Engineering, corporate BU, and functional leaders to identify and manage the Cybersecurity and Technology risks.

• Lead Cyber Security Assessments - Security Architecture reviews, Design and workflows assessments, Configuration reviews, Cloud Security Review, VA/PT, and emerging risks such as ransomware, etc.

• Lead Information Security related assessments to cover domains like User Access Management, Network, OS & Application Security, Encryption, Backup Management, Disaster Recovery, Physical Security, Training & Awareness, etc.

• Support the delivery and scaling of the Technology SOX program. Hands-on with design and testing of IT General Controls (ITGC) & IT App Business controls.

• Drive Risk Assessments and Audit planning exercises and support other department initiatives as needed

• Assist with the development of project plans which includes scope, schedule, cost, quality, organization, communication, staffing, risk, and issue management

• Prepare reports/presentations summarizing results of testing along with the proper disposition of test exceptions.

• Lead a team of 1 to 2 individuals across NA and India.

What you need to succeed

• Bachelor's/Master's Degree in Information Systems, Computer Science, Information Technology. Minimum 5-6 years of experience in Cyber Security.

• The candidate should hold a relevant credential such as CISA, CISSP, CRISC, or CCSP. Other certifications such as AWS/Azure Architect and security specialty is a plus!

• Experience in one or more of the following IT audit areas: ITGCs, process controls, security, system implementations & integrations, e-commerce, data analytics, cloud computing (AWS, Azure), or similar.

• Demonstrable experience in driving and managing engagements like Wireless Security audits, Network & Firewalls security reviews, OS & Infrastructure audits, API Security, DLP audits, Ransomware audits, etc.

• Familiarity with the Common Vulnerability Scoring System (CVSS) and other Vulnerability Management Databases (e.g., CVE)

• Knowledge and experience with information security standards (ISO 27001), governance frameworks (COBIT, NIST), and regulatory compliance (SOX, SOC2, GDPR, PCI-DSS, etc.).

• Knowledge of Controls Automation and Continuous Auditing practices.

• Strong organizational and management skills; ability to deliver multiple projects efficiently & prioritize tasks to meet project requirements.

• Outstanding interpersonal, oral, written, and presentation skills with the ability to comfortably communicate with all levels of management.

• The candidate must be a phenomenal teammate, self-motivated, and have a positive can-do demeanor. Ability and willingness to travel (approx. 20%).

Our compensation reflects the cost of labor across several  U.S. geographic markets, and we pay differently based on those defined markets. The U.S. pay range for this position is $83,800 -- $179,700 annually. Pay within this range varies by work location and may also depend on job-related knowledge, skills, and experience. Your recruiter can share more about the specific salary range for the job location during the hiring process.

At Adobe, for sales roles starting salaries are expressed as total target compensation (TTC = base + commission), and short-term incentives are in the form of sales commission plans. Non-sales roles starting salaries are expressed as base salary and short-term incentives are in the form of the Annual Incentive Plan (AIP).

In addition, certain roles may be eligible for long-term incentives in the form of a new hire equity award.

Adobe is proud to be an Equal Employment Opportunity and affirmative action employer. We do not discriminate based on gender, race or color, ethnicity or national origin, age, disability, religion, sexual orientation, gender identity or expression, veteran status, or any other applicable characteristics protected by law. Learn more.

Adobe aims to make Adobe.com accessible to any and all users. If you have a disability or special need that requires accommodation to navigate our website or complete the application process, email accommodations@adobe.com or call (408) 536-3015.

Adobe values a free and open marketplace for all employees and has policies in place to ensure that we do not enter into illegal agreements with other companies to not recruit or hire each other's employees.