Come join the Intuit Information Security Organization at Intuit! We are looking for an innovative professional to join a world class team.

As the cybersecurity risk landscape continues to evolve, the importance of scaling our compliance program to meet the security obligations of our customers and critical partners becomes of utmost importance. We are looking for a motivated, innovative, and passionate Senior Technical Compliance Manager who is driven by identifying ways to automate controls oversight through real-time monitoring and reporting. This professional will help improve Intuit's compliance program by identifying and driving process improvement opportunities and advocating for change; continuously monitoring the control environment for non-compliance; and reducing audit fatigue; all while establishing trusted partnerships with our global business units to efficiently drive compliance by design.

Intuit prides itself on being innovative, bold, and passionate. This is an exciting opportunity that will be supporting some of our most important and visible compliance initiatives such as ISO 27001, SOC 1/2/3, PCI DSS, NYDFS Part 500 and other cybersecurity regulatory audits. The Senior Technical Compliance Manager has the opportunity to work within an innovative technology landscape and re-imagine compliance posture management across Intuit and its business units.

Responsibilities

• Lead scope expansion opportunities by developing and leveraging a risk-based methodology when introducing new and existing service offerings and its underlying infrastructure components within the scope of applicable audits.
• Lead and manage all aspects of applicable cybersecurity audits, such as scope expansion, audit readiness, walkthroughs, evidence collection, and liaising with internal and external auditors.
• Drive adoption of emerging compliance framework requirements (e.g., ISO 27001:2022) through thorough analysis and prescriptive guidance.
• Evangelize Intuit's unified controls database to applicable stakeholders (i.e., control owners, Compliance SMEs) to ensure there is a clear understanding of roles and responsibilities.
• Support the policies and standards lifecycle process to ensure they address all current and emerging cybersecurity regulatory requirements.
• Support the needs of our business units to ensure they're meeting their compliance commitments, and provide periodic updates on their compliance status to management.
• Work closely with the Product Development teams to define requirements within the automate compliance platform tooling, such as control definitions, attribution, evidence, framework mapping, etc.
• Support the controls lifecycle process through periodic assessments of Intuit's unified controls database.
• Identify control deficiencies through risk-based continuous monitoring assessments and security controls campaigns, and provide recommendations that can be reasonably adopted.
• Document and report noted audit findings and work with control owners on remediation requirements, strategy, and execution.
• Regularly monitor remediation activities for noted findings, and escalate on remediation plans that are at-risk of being overdue.
• Develop and maintain compliance monitoring dashboards to provide real-time and on-demand compliance status metrics that can be presented to leadership.
• Work closely with control owners (or Providers) to identify ways to effectively monitor compliance posture through automation.
• Establish partnerships with cross-functional teams such as Legal, HR, Security, and IT to ensure they understand their roles when supporting the compliance program.
• Be a strong advocate for Intuit's CyberCRAFT organization!