Information Technology Auditor
IT Auditor Palo Alto, CA / Engineering / Full-time Our Infosec team is responsible for safeguarding the security of Wealthfront: from corporate information security through to protection of production systems on the Internet. The IT Auditor reports to the Head of Security, and works cross functionally (including with engineering, brokerage and finance leaders) to ensure our systems meet the security, privacy and compliance needs of our clients, employees, regulators and shareholders. We are looking for someone to handle a number of internal security and audit functions. This is a mid-level position, requiring 2+ years of IT Security/Audit experience. To enjoy and thrive in this role, you'll be comfortable with creating and/or following proceduralized processes with high attention to detail. Additionally, you'll need to be technically oriented, well organized and a self-starter.
You will be responsible for:
- Performing monthly security compliance activities including; access audits, verification of continued business need for privileged systems access, ensuring approvals for user access requests are in place, and generating our monthly security audit and systems access report.
- Preparing audit reports and other outputs required for IT / Security / Financial and regulatory audits
- Assist with information security activities including user provisioning, de-provisioning, user access, and restrictions to system
- Creating/updating procedures related to access, security and system changes
- Periodically validate procedures and review they have been followed correctly.
- Lead our cross functional 3rd party risk review team, security assessments, and maintain our re-review schedule
- Monitor controls related to systems to ensure they meet policy objectives
- Maintain our risk control matrix, and assist with threat modeling / attack surface identification & reduction
- Create and maintain internal IT policies and procedures
- Identify & contribute to process and control enhancements
- Be a member of our internal incident response team (this includes being on-call for incident management)
- A.S. in Science, Computer Science, Accounting, Engineering OR equivalent experience
- 2+ years work experience in an IT Security or IT Audit function
- Strong attention to detail and organizational skills
- Excellent writing and oral communication skills, in English
- Passion to aim higher and develop new skills
- Enthusiastic about collaborative problem solving
- Eagerness to solve challenging problems
- An interest in, or experience with information security
- Experience participating in, or leading ITGC audits: as either the client or auditor
- Experience with industry standard SDLC tools (Atlassian exposure a plus)
- Security risk and compliance experience at a fast-paced technology company, Big Four public accounting firm, or equivalent
- Experience with any of: SOX, SOC 1/2/3, ISO 27001, PCI-DSS, CSA STAR, HIPAA, FedRAMP/NIST 800-53 or other security based certifications, audits, or compliance standards
Everyone across the financial spectrum deserves to live secure and rewarding lives. In order to successfully serve clients across the United States, the Wealthfront team is focused on hiring team members with a diverse range of backgrounds, experiences and perspectives. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. About
Wealthfront is a nextgen banking and investing service. We offer high-interest checking with our Cash Account, help you build your net worth with automated investing, automate your savings strategy with our service Autopilot, and give you a single view of your finances with our intuitive mobile app. Our ultimate vision is to optimize and automate all of our clients finances and build what we call Self-Driving Money. We want clients to be able to automatically deposit their paycheck into their Wealthfront account, and let us take care of the rest paying their bills, topping off their emergency fund or 401(k), and investing the rest based on their specific goals and lifestyle. To get there, well be focusing the bulk of our efforts on creating a better alternative to what the banking industry provides. Join us so you can help us turn this industry on its head and build a service that our clients don't just like, they love.