Information Security Advisor, Sox ITGC at Datadog
We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale—trillions of data points per day—providing always-on alerting, metrics visualization, logs, and application tracing for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way.
Datadog’s Information Security and Compliance (Infosec-GRC) department supports Datadog’s business by overseeing all aspects of IT-related compliance and working with engineers to meet regulatory requirements, by leading ongoing compliance activities, and by using technology to streamline compliance efficiency across the company.
As a Program Lead, you will lead and contribute to Datadog’s efforts to maintain ITGC SOX-404. We are looking for someone with experience auditing and working within technology companies that are fast-paced, cloud native, and leverage a broad range of technologies to get the job done. This position will own the company’s ITGC SOX-404 compliance program, working across our global organization to identify technology risks and managing regulatory impact on the organization. You will participate in assurance and advisory projects within areas such as sales & operations, enterprise IT, data infrastructure, finance, financial systems, revenue engineering, and the technology platform. You will partner with Datadog’s Internal Audit Manager to deliver a comprehensive Internal Audit program.
- Lead the annual SOX 404 ITGC statement mapping, risk assessment and scoping process identifying significant business units, in-scope applications and services, and critical processes ensuring an adequate scope and testing of Datadog’s SOX-404 ITGC RCM statements.
- Co-lead and oversee ITGC SOX compliance and IT internal audits in accordance with standards.
- Act as the “go-to” person for ITGC internal controls within the organization and provide a reliable and insightful resource for implementing controls within a business process in an efficient and effective manner.
- Critically evaluate the current set of in scope controls and recommend ways to rationalize and optimize controls through automation.
- Partner with Datadog’s Internal Audit Manager to efficiently produce annual internal audit deliverables.
- Coordinate with business owners to ensure controls are being properly designed and continuously compliant through business and organization changes.
- Manage consultants and service providers, when applicable. Lead scoping and reporting with service providers.
- Consult on new business initiatives, system implementations, ITGC policy changes and assess the impact of changes on internal controls
- Liaise with external auditors and proactively partner with Datadog’s Internal Audit team to ensure reliability of testing
- Leverage your controls knowledge and audit experience to support, in a backup capacity, other regulatory frameworks (ISO, PCI, HIPAA)
- BS/BA degree or equivalent experience (Preferred certifications: CISSP, CIA or CISA)
- 8+ years of experience including IT General Controls, internal audit and direct experience in SOX-404 audit experience
- Must possess strong auditing skills with experience in auditing public companies, and ensuring compliance with Sarbanes-Oxley Act, Section 404 and the Public Company Oversight Board (PCAOB) Standards
- Knowledge of external auditor requirements and reporting
- Strong written and verbal communication skills
- Demonstrated cross-functional people and process management skills
- You value correctness and efficiency; you leave no stone unturned when reviewing documentation and evidence
- You want to work in a fast, high-growth environment
- “Big 4” audit experience.
- Certifications are not a strict requirement but are appreciated
- You’ve been through an IPO before and participated in the SOX program
- Familiarity with Amazon Web Services, Google Cloud Platform, or Azure
- Knowledge of and experience with the use of compliance reporting software
- You’ve used GRC tools and are generally adept at picking up new organizational tools like Trello, Google Docs, and Github
#LI-Remote This is a remote position
Equal Opportunity at Datadog:
Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice.