IT Compliance Program Manager

At Apple, we believe in the power of technology to enrich people's lives. Everything we build is designed to empower people, including our advertising platform. We deliver ads in a way that benefits both customers and advertisers - helping people discover content, supporting creators, and protecting and respecting everyone's privacy.

Our technology makes advertising possible on the App Store, Apple News, Stocks, and Apple TV. We help developers and marketers of all sizes drive app discovery across the App Store. Our display ads on Apple News and Stocks let advertisers promote their products alongside trusted content in a brand-safe environment, while supporting publishers and journalists. Sponsorship integrations and experiences in live sports on Apple TV help advertisers connect with captivated audiences. Everything we do is with the unwavering commitment to privacy you expect from Apple. Because when advertising is done right, it benefits everyone.

The Ad Platforms team has an immediate opening for an IT Compliance Program Manager and is looking for a driven and creative IT audit or information security individual who can understand complex technologies, evaluate security, privacy and IT risks, and design thoughtful controls accordingly. This is an hands-on role that will directly interact with teams in Ad Platforms and various customers across Apple to ensure that our ads business complies with external compliance requirements as well as internal policies. This position requires a teammate and self-starter with experience working in cross-functional, tactical and detail oriented projects to achieve business, operations, and technical goals. Must have demonstrated understanding of SOX Compliance, IT General Controls, systems development life cycle, secure baseline configurations, Cloud computing, and a grasp of security and privacy concepts. Must be able to quickly understand the essence of multiple new technical ideas and identify potential control weaknesses, breakdowns, and risk areas.

Description

• Develop and maintain clear, detailed, and accurate SOX IT documentation, including system diagrams, control descriptions, work papers, and risk control matrices

• Provide guidance and oversight on change management practices across the organization, access controls, secure baseline configurations, database and operating systems controls; and identify opportunities to improve the efficiency and effectiveness of the IT processes

• Coordinate annual ITGC and SOX-related activities with systems owners, control owners, cross-functional stakeholders, and external auditors

• Manage the planning and execution of all phases of the SOX compliance program including scoping, process walkthroughs, control identification, ITGC testing and documentation, periodic management updates, and reporting

• Monitor and track remediation for all identified IT control exceptions and audit issues

• Partner with internal and external stakeholders to build strong relationships and support the coordination of SOX and compliance activities

• Understand and effectively use automated security tools

• Sustain momentum to maintain compliance across the organization outside audit cycles and diligently follow every detail through to its completion

• Identify and eliminate ambiguity in projects to ensure clarity and establish goals and expectations

• Grasp technical concepts quickly and suggest solutions for potential weaknesses

• Work well with a variety of different personalities and inspire change in current processes

Minimum Qualifications

• Proven experience performing risk assessments and identifying key IT, information security, and privacy risks

• Broad knowledge of, and prior experience with, common controls in: cloud platforms, systems development life cycle, computer operations, change management, networking, and security

• Strong knowledge and prior experience working on IT General Controls for SOX compliance

• Proven ability to work well on a team, as well as independently, with limited supervision

• Exceptional project management, organizational, and communication skills incl. writing skills, handling/influencing multiple projects with varied deadlines, diverse stakeholders and changing priorities

• Ability to operate and communicate in ambiguous situations while bringing clarity

Preferred Qualifications

• 4+ years of experience in a "Big 4" environment a plus

• CISSP is a plus

• Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics.