The Head of Internal Audit reports to the Audit Committee of the Board of Directors with administrative reporting to the EVP and General Counsel.
The position functions independently from management and is responsible for managing the internal audit function including risk assessment, planning and execution of internal audits.
This position is also responsible for the coordination and testing of internal control over financial reporting under the Sarbanes-
Oxley act including the scoping, planning, independent assessment and testing of management’s controls, both financial controls as well as information technology controls, including relating to information security, business continuity an d disaster recovery and software development.
This position will partner with and advise management including finance, legal, vendor risk management, the information security group, the cloud operations group and others on effective controls design, controls scalability and controls evaluation and assurance.
This function will engage a robust cross functional initiative to strive toward a scalable and continuous risk management protocol for the Company.
This position will have a direct and regular contact with the Audit Committee and will assist the Committee in achieving its charter as it relates to risk and compliance.
This function is a critical function in ensuring financial, operational and compliance practices are designed and operating effectively across the organization.
Primary Responsibilities & Objectives
Apply a risk based approach to the audit of the company’s activities based on the results of the Internal Audit risk assessment process and the company’s strategic, operational, financial and regulatory compliance risk areas
Maintain an effective and comprehensive understanding of risks and for the organization within its industry
Conduct an annual internal audit program sufficient in scope to meet the requirements of the Audit Committee, management, external auditors and outside regulators (e.g., FFIEC)
Plan, manage and conduct internal audits, communicate results of internal audits and status of remediation
Provide counsel to management during new business and regulatory developments, new system implementations and other strategic initiatives to ensure internal controls are designed into the process
Maintain strong relationships with business unit leadership and communicate emerging best practices and provide internal control awareness and training for managers and control owners throughout the organization
Present reports and other information to executive management and the Audit Committee to enable them to discharge their responsibilities and to be knowledgeable about the state of the organization’s system of internal control and risk management processes
Coordinate internal audit and risk management activities with members of management, external auditors and regulatory authorities
Research and keep abreast of new audit regulations and trends, new and emerging technologies, tools, and methodology for effective application
Sarbanes-Oxley Compliance (SOX)
Determine annual plan and deadlines for Sarbanes-Oxley program. Manage and coordinate all phases including planning, documentation and design, controls testing and coordination of external auditor testing
Coordinate the execution of SOX Internal Control assurance for the entire company and partner with the process owners in functions.
Prepare annual financial risk assessment and determine scope and materiality for annual SOX program
Identify systems in scope and related infrastructure supporting systems for IT general control evaluation
Ensure continuous refinement and improvement to maintain the Company’s SOX process relevancy to the Company and its business operations and industry
Act as advisor to management on key control documentation and design of effective and efficient control for scalability and stronger assurance
Set standards of process and control documentation. Prepare documentation and process mapping to assist in evaluation of control design effectiveness and change management
Assist management in identifying, documenting and implementing automated controls for scalability and more robust control over financial reporting.
Coordinate period SSAE 18 (is the new pronouncement as of May 1st controls review as part of SOX program
Assist management in developing robust control over reports and spreadsheets and end user Test reports and spreadsheet controls on a period basis
Engage in new system projects. Prepare control documentation and design, identify control owners and ensure new controls are adopted and put on place along with new systems and significant system changes
Implement and manage SOX tools for efficient program management
Report and evaluate deficiencies and track remediation progress
Basic Qualifications, Skills and Education
15+ years business, audit and SOX experience gained from a top tier professional services firm
Deep understanding of risk management concepts, control models like COSO, COBIT and SOX programs
Deep understanding of information technology and its implications for business commerce and controlling business operations as well as software as a service models.
Understanding of information security risks and protocols especially in realm of large and diverse data sets across systems
Working knowledge of business processes, and understanding of associated key risks and controls for public corporate companies.
Demonstrated track record of leading project teams, and development of audit programs, and implementing proposals.
Demonstrated record of accomplishments, including leading a similar function with demonstrated results
Strong relationship builder, who knows how to pro-actively identify opportunities or problems, facilitates understanding and solution development
Energetic and effective communicator able to work with executive management and directors
Passion for improving the business and developing others for leadership responsibilities
Bachelor Degree or Equivalent - Finance, Accounting, Business Administration, Information Technology
CPA, CIA and / or CISA required
Preferred Qualifications, Skills and Education
Combination of financial services and technology companies
SaaS Industry experience
Ellie Mae is an Equal Opportunity / Affirmative Action Employer. Minorities, Females, Disabled and Veterans are encouraged to apply.
We do not accept resumes from headhunters, placement agencies, or other suppliers that have not signed a formal agreement with us.