Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Lead, IT Audit and Technology Risk

$185k - $220k
Full-time

Notion

Who We Are Notion is the collaborative AI workspace where teams and agents think together. We're building one place where your knowledge, projects, meetings, and AI tools live side by side, so work is faster, clearer, and less fragmented. Millions of individuals, small teams, and large companies run their work on Notion. Notinos (our employees) are customer zero in bringing this future of work to life. We care about craft, building things that last, and the belief that great work is still fundamentally human. Our goal isn’t to ship the next feature. Each and every team of Notinos is working to set the standard for how humans work together in the AI era. From building a business’s system of record to making and managing AI agents to automating away the busy work, we care deeply about giving our customers more time for their life’s work. About the Role: We are seeking a strategic and technically fluent Lead, IT Audit to join our Finance team reporting to the Head of Internal Audit. This is a broad, high-impact role spanning both IT SOX compliance and operational IT audits. You will help establish and elevate our technology controls program end to end — owning the IT SOX lifecycle, designing the IT general and application controls framework, embedding AI and automation into how we test and monitor controls, and delivering value-added operational IT and cybersecurity audits that strengthen how the company builds and runs its systems. You will partner with leaders across Engineering, Security, IT, Finance, and the business to ensure sound technology controls are built into how the company operates as we scale. This role is ideal for someone who thinks like a builder, not just an auditor — someone who can translate complex control and security requirements into practical, scalable processes in a fast-moving SaaS environment with modern cloud architecture and complex data flows. This role can be based in either San Francisco or New York City. We work from our offices on Mondays, Tuesdays and Thursdays (our Anchor Days) because we do our best thinking and building together in person. We’re looking for someone who’s excited to work alongside the team during those days. What You'll Achieve: Own the full IT SOX lifecycle — scoping, risk assessment, documentation, walkthroughs, testing, deficiency evaluation, remediation, and reporting — driving automation and efficiency across IT general controls (ITGCs) and IT application controls (ITACs) Design, operate, and continuously improve technology controls spanning user access and segregation of duties, change management, SDLC and CI/CD pipelines, interfaces, data flows, and system-generated reports Design and execute value-added operational IT and cybersecurity audits — across cloud infrastructure, security operations, identity and access management, data protection and privacy, disaster recovery and resilience, and vendor and third-party risk — while driving enterprise-level technology risk assessment that anticipates emerging risks before they materialize Serve as a strategic advisor on cross-functional initiatives (product launches, new systems, architecture changes, M&A) and as the primary point of contact for external auditors, ensuring sound controls are built in from day one and audit evidence is complete, clear, and timely Own IT control deficiencies from identification through sustained remediation while partnering with and educating system owners to build a culture of ownership and accountability Champion the adoption of AI and modern tooling — from automated control testing and anomaly detection to continuous monitoring and AI-assisted documentation — to make the IT audit function smarter, faster, and more forward-looking Skills You'll Need to Bring: 12+ years of progressive IT audit, IT SOX, or technology risk experience, with a combination of Big 4 and high-growth technology company experience Deep, hands-on ownership of IT SOX/ITGC programs, with a strong understanding of PCAOB standards, SEC requirements, and frameworks such as COSO, COBIT, NIST, and ITIL Demonstrated experience designing and leading operational IT audits end to end — including annual planning, risk-based scoping, fieldwork, and reporting — across areas such as IT operations, infrastructure resilience, disaster recovery and business continuity, capacity and availability management, and IT vendor and third-party risk Strong cybersecurity audit experience with working fluency in frameworks and regulations such as NIST CSF, ISO 27001, SOC 2, GDPR, and CCPA, and the ability to translate them into practical, testable controls Software or SaaS industry experience is a must — particularly modern cloud-based technology stacks (AWS, GCP, Azure), software development lifecycles, and complex data flows — paired with strong technical knowledge across cloud security configurations, identity and access management, change management, DevOps and CI/CD pipelines, and enterprise IT operations risks and controls Process leadership — a track record of building functions, designing new processes and policies, and driving continuous improvement Bachelor's degree in Information Systems, Computer Science, Accounting, or a related field; CISA, CISSP, CISM, CIA, CPA, or equivalent certification required Strong stakeholder management and communication skills, with the ability to translate complex technical and audit topics into clear language and influence partners across all levels of the organization Notion is committed to providing highly competitive cash compensation, equity, and benefits. The compensation offered for this role will be based on multiple factors such as location, the role’s scope and complexity, and the candidate’s experience and expertise, and may vary from the range provided below. For roles based in San Francisco, the estimated base salary range for this role is $185,000 - $220,000 per year. By clicking “Submit Application”, I understand and agree that Notion and its affiliates and subsidiaries will collect and process my information in accordance with Notion’s Global Recruiting Privacy Policy. #LI-Onsite A Note on AI You don’t need deep AI expertise for every role, but we do expect every Notino to be intellectually curious, drawn to tinkering and discovery, and excited to use AI as a real collaborator in their work. For some roles, AI fluency is a core requirement — when that’s the case, we'll say so explicitly in the qualifications. People who thrive here don’t treat AI as a novelty. They use it to think better, and make their work easier for others to build on. Equal Opportunity & Accommodations We hire talented people from a wide range of backgrounds. If you’re excited about this role but don’t meet every bullet, we still encourage you to apply. Notion is an equal opportunity employer and does not discriminate on the basis of any legally protected characteristic. Consistent with applicable law, we will consider for employment qualified applicants with arrest and conviction records. Notion provides reasonable accommodations during the application process; if you need one, please let your recruiter know. Notion is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race, color, religion, national origin, age, sex (including pregnancy, childbirth, or related medical conditions), marital status, ancestry, physical or mental disability, genetic information, veteran status, gender identity or expression, sexual orientation, or other applicable legally protected characteristic. Notion considers qualified applicants with criminal histories, consistent with applicable federal, state and local law. Notion is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please let your recruiter know.

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Lead, IT Audit and Technology Risk in San Francisco, CA vacancy
  • PwC South Africa is seeking an IT Audit/Controls Manager in San Francisco to deliver internal audit services. You will guide teams, manage client expectations, and utilize innovative technologies to optimize audit processes. The role emphasizes strategic planning, mentoring... 
    Risk

    PwC South Africa

    San Francisco, CA
    4 days ago
  • $170k - $220k

     ...Distyl is an applied AI technology company partnering with...  .... Distyl is backed by leading investors including Lightspeed...  ...Looking For As Head of IT, you will build and...  ...Operations Security & Risk Management Establish...  ...diligence requests, audits, and enterprise compliance... 
    Risk
    Work at office
    Remote work

    Distyl AI, Inc.

    San Francisco, CA
    4 days ago
  • $249.6k - $312k

    DoorDash is seeking a Senior Director, IT Internal Audit to shape and lead their global IT audit function. This role focuses on defining IT audit strategies, managing technology risks, and overseeing audits related to cybersecurity and AI governance. Ideal candidates will... 
    Risk

    Fairygodboss

    San Francisco, CA
    2 days ago
  • $124k - $280k

    SwiftCruit, located in San Francisco, California, is seeking a Senior Manager in IT Audit/Controls to lead large projects and improve internal audit processes. This role focuses on ensuring regulatory compliance and enhancing the reliability of financial statements. Candidates... 
    Risk

    SwiftCruit

    San Francisco, CA
    2 days ago
  • $99k - $232k

    PowerToFly is seeking a Manager for their Internal Audit Generalist team in San Francisco, CA. This role focuses on delivering high-quality...  ...'s Degree, 5 years of relevant experience, and proficiency in risk assessment and controls testing. The position offers a salary... 
    Risk

    PowerToFly

    San Francisco, CA
    3 days ago
  • $142.6k - $261.5k

     ...change. And with change comes risk. As a Risk Technology professional, you will be...  ...controls monitoring, and IT risk management. You will belong...  .... Since EY is a global leading service provider in this...  ...Foundational understanding of auditing and assessing Oracle... 
    Risk
    Work experience placement
    Summer holiday
    Flexible hours

    Ernst & Young Oman

    San Francisco, CA
    1 day ago
  • $150k - $205k

     ...San Francisco seeks an Assurance Senior Manager for Technology Risk Assurance. In this role, you will lead audit teams, ensuring adherence to established standards...  ...ideal candidate has over eight years of experience in IT audit and relevant certifications like CPA or CISA.... 
    Risk

    BDO USA

    San Francisco, CA
    2 days ago
  • A technology leader in real estate solutions is seeking a Technology Risk and Controls Manager to improve risk management across its cloud-native products. The applicant...  ...5 to 8 years of experience in technology audit or IT risk management. Responsibilities include assessing... 
    Risk

    AppFolio

    San Francisco, CA
    2 days ago
  • $99k - $297k

    Digital Assurance & Transparency - IT Audit Manager Financial Services Save...  ...to understand the systems and technologies our clients use and how they can mitigate risk. As a Digital Assurance and Transparency...  .... Responsibilities Lead teams and manage client accounts... 
    Risk
    H1b

    Payfuture Technologies

    San Francisco, CA
    3 days ago
  •  ...legacy systems with AI-native technology that automates 90% of the manual...  ...founded by a team of Banking IT experts and AI researchers...  ...What you'll do As an Engagement Lead, you will translate ambitious...  ...outcomes, expansion strategy, and risk management. You'll own the... 
    Risk

    Casca

    San Francisco, CA
    2 days ago
  • $130k - $180k

     ...history, you farmed or you starved. Technology gave people more time for the...  ...equipment category, with lead-time and capacity thresholds tied...  ...flow. Anticipate inventory risks, both depletion and overstock,...  ...and built the systems behind it, not just executed counts.... 
    Risk
    Local area

    Fluidstack

    San Francisco, CA
    2 days ago
  • $2,000 per month

     ...Column For companies building financial technology and transforming the financial services...  ...Partner with Solutions Engineering, Legal, Risk, and Compliance to structure solutions...  ...you're building pipeline, not waiting for it. Team & Playbook Building Contribute... 
    Risk
    Work at office
    Remote work
    Flexible hours

    Column

    San Francisco, CA
    3 days ago
  • $150k - $205k

    Job Summary The Assurance Senior Manager, Technology Risk Assurance is responsible for acting as an IT audit technical resource to clients and internal stakeholders...  ...process. In this role, the Assurance Senior Manager leads teams in planning and performing IT risk and... 
    Risk
    Work at office

    BDO USA

    San Francisco, CA
    2 days ago
  • $102k - $162.89k

    Baker Tilly Advisory Group, LP in San Francisco is seeking an IT Audit, Cybersecurity & Risk Experienced Consultant. This role involves collaborating with clients to identify and mitigate IT risks, providing strategic advice, and conducting audits. The ideal candidate... 
    Risk

    Moss Adams Advisory Group LP

    San Francisco, CA
    3 days ago
  • $198k - $250k

    About The Role The Technology Risk Manager is a senior individual contributor...  ..., infrastructure, and IT. You’ll act as the primary owner...  ...experience in technology risk, IT audit, cybersecurity, or...  ...track record as a senior IC leading complex, cross‑functional risk... 
    Risk
    Work at office
    Local area
    Remote work
    Worldwide
    3 days per week

    Hinge Health

    San Francisco, CA
    3 days ago
  •  ...Jira Lead Admin Employment Type: Full‑Time, Mid Level Department: Information Technology CGS is seeking a talented Jira Lead Administrator who...  ...transformation in the federal IT domain to join our growing...  ...Security Clearance (moderate risk public trust) Atlassian certified... 
    Risk
    Full time
    Flexible hours

    CGS Federal (Contact Government Services)

    San Francisco, CA
    2 days ago
  • $77k - $202k

    PwC is seeking an IT Audit/Controls - Senior Associate in San Francisco, California. In this role, you'll conduct audits...  ...compliance, and work with clients to address various risks while leveraging AI technologies. The ideal candidate holds a Bachelor’s degree, with at... 
    Risk

    PwC

    San Francisco, CA
    2 days ago
  • $77k - $202k

    PwC South Africa, located in San Francisco, is seeking a Senior Associate for their IT Audit/Controls team. This individual will conduct comprehensive audits, evaluate compliance, and utilize cutting-edge tools to deliver internal audit services across various industries... 
    Risk

    PwC South Africa

    San Francisco, CA
    4 days ago
  • $102.5k - $209.4k

     ...core part of our DNA across our audit, tax, and consulting groups....  ...as AI-enabled insights and technology-powered solutions, to enhance...  ...seeking a SALT Manager to join our Lead Tax Services group. In this...  ...their goals with tax, advisory, risk and performance services.... 
    Risk
    Full time
    Work at office
    Local area
    Remote work
    Worldwide

    Crowe

    San Francisco, CA
    3 days ago
  • $77k - $202k

     ...Associate in San Francisco. This role involves providing enterprise risk and controls solutions, conducting risk assessments, mentoring...  ...Degree in relevant fields and 2 years of experience. Knowledge of IT controls and proficiency in Oracle or SAP is preferred. A... 
    Risk

    PowerToFly

    San Francisco, CA
    3 days ago
  • $160k - $250k

     ...history, you farmed or you starved. Technology gave people more time for the...  ...! About The Role As Cost Lead, you will own cost management...  ...contingency tracking and cost risk registers across project phases...  ...), emergency power, and IT fit‑out Understands how design... 
    Risk
    Contract work
    For subcontractor
    Local area

    Fluidstack

    San Francisco, CA
    4 days ago
  • $190k - $210k

     ...owners use to run their business. It powers everything from the...  ...these same problems. Huge technology corporations are taking their...  ...function has already built churn risk signals, CSM engagement scoring...  ...using a data-backed approach, and leading the follow-through. As a Lead... 
    Risk
    Work at office
    Local area
    Remote work

    Owner.com

    San Francisco, CA
    1 day ago
  • $85k

     ...tools owners use to run their business. It powers everything from the restaurant's...  ...struggling with these same problems. Huge technology corporations are taking their customers,...  ...We are hiring an IT Asset Management Lead to own this end-to-end. You will be the single... 
    Work at office
    Local area
    Remote work

    Owner

    San Francisco, CA
    3 days ago
  • $77k - $202k

     ...Requirements: Up to 60% The Opportunity As an IT Audit/Controls - Senior Associate, you will...  ...across various industries. Within our Risk Consulting practice, you will focus on...  ...audit functions using AI and other risk technologies. As a Senior Associate, you will build... 
    Risk
    Full time

    PwC

    San Francisco, CA
    1 day ago
  • $77k - $202k

    Job Description & Summary As an IT Audit/Controls - Senior Associate, you will play a pivotal...  ...across various industries. Within our Risk Consulting practice, you will focus on...  ...audit functions using AI and other risk technologies. As a Senior Associate, you will build meaningful... 
    Risk
    Full time

    PwC South Africa

    San Francisco, CA
    4 days ago
  • $77k - $202k

     ...to 60% At PwC, our people in audit and assurance focus on providing...  ...assessing governance and risk management processes and related...  ...services, using AI and other risk technology and delivery models. IA...  ...and controls testing Address IT management and cyber-related risks... 
    Risk
    Full time
    H1b

    PowerToFly

    San Francisco, CA
    3 days ago
  •  ...to return time. As the leading AI Time platform for professional...  ...machine learning technology automates work time...  ...and data—and help build it from the ground up....  ...transparency, explainability, risk boundaries). Privacy,...  ...and Compliance on audits, certifications, and trust... 
    Risk
    Relocation package

    Laurel

    San Francisco, CA
    3 days ago
  • $144.9k - $265.8k

     ...world. The opportunity EY’s Digital Risk practice is supporting leading Technology, Media & Telecommunications (TMT)...  ...and implementation of scalable, audit-ready risk and compliance frameworks...  ...with stakeholders (e.g., finance, IT, engineering) to deliver clear, actionable... 
    Risk
    Summer holiday
    Flexible hours

    EY

    San Francisco, CA
    16 hours ago
  •  ...Corporate Security Engineer, Lead at Sierra, you will...  ...capability within IT — establishing the operating...  .... Own the centralized risk register and drive...  ...integration landscape by auditing and governing OAuth applications...  .... We are the best technology company for parents. We... 
    Risk
    Full time
    Flexible hours

    Sierra

    San Francisco, CA
    3 days ago
  • $230k - $260k

     ...About GoodLeap GoodLeap is a technology company delivering best-in-class financing...  ...looking for a Director of Product to lead the fraud and risk function for our consumer products. This...  ...meet regulatory requirements and are audit‑ready. Communicate risks, trends, and... 
    Risk

    GoodLeap, LLC

    San Francisco, CA
    8 hours ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Lead, IT Audit and Technology Risk. Be the first to apply!