We believe the economy is better when everyone has access. When everyone has room to grow. No one should be left out because the cost is too great or the technology too complex. We started with a little white credit card reader but haven’t stopped there. We’re empowering the independent electrician to send invoices, setting up the favorite food truck with a delivery option, helping the ice cream shop pay its employees, and giving the burgeoning coffee chain capital for a second, third, and fourth location. We’re here to help sellers of all sizes start, run, and grow their business—and helping them grow their business is good business for everyone.

The IT Auditor will be responsible for the audits of Squares information systems environment, with an emphasis on identifying and assisting Management in minimizing the related risks. The scope of these activities includes complex audits related to general data centers, system applications, web based applications, IT infrastructure, and information security.  The IT Auditor will provide strategic assistance in the development of integrated systems designed to help management identify, manage, and monitor potential areas of risk, from both a financial and operational perspective. 

A successful candidate should have a good understanding of IT controls and internal audit, and will have an important role in branding Internal Audit services, championing IT controls and governance concepts throughout the business.
 

You will:

• Work collaboratively with IT Management regarding general controls reviews and assessments. The scope of these activities will include participating on any related teams on a consultative basis.

• Design, test, and document controls related to IT compliance with Sarbanes-Oxley requirements.

• Execute complex IT audits. This includes assessing and evaluating potential application risks and controls and providing recommendations to Management regarding mitigation of risks.

• Analyzing and assessing IT risks (cyber security, data protection and confidentiality, technology change, technology reliability) assumed by the business.

• Communicate audit and client expectations regarding deliverables, timing, and benefits to the Company. Ensure audits results are focused, clear, accurate, and well presented. Anticipate potential roadblocks and issues, and provide suggestions and alternatives.

• Participate in system development audits to ensure controls are considered and implemented as part of the system development life cycle process.

• Apply information systems development, implementation and operation control concepts in a variety of technology settings, and assess the exposures from ineffective or missing control practices.

You have:

• Bachelors degree in a business related field with focus on information systems. Additional certification, such as CPA, CISA, and CISSP or comparable, is desired.

• At least 4 years of related, applicable experience in information systems, cyber security, auditing, and experience in a management/supervisory role.  Specifically, applicable experience would include a mixture of public accounting (Big 4) information systems, and IT Internal Audit function of a publicly traded company within the high technology / payment industry.  The candidate should have knowledge and experience with professional standards, including COBIT.

• Experience working with SOX, PCI compliance, and SOC1/2 review.

• Extensive knowledge of system development life cycle concepts with an ability to quickly learn a complex, distributed computing and open source environment, including AGILE development and continuous integration concepts.

• Solid understanding of internal control concepts with the ability to evaluate and determine the adequacy of controls by considering business and technology risks in an integrated manner, including appropriate segregation of duties, where applicable.

• Experience and understanding of key audit concepts such as frameworks, control design and operating effectiveness, basic IT audit areas (application, system, development, security, operations, IT general controls, etc.)

• Ability to work independently by planning and executing each audit project from start to finish.

• The willingness to go above and beyond to fully understand and stay abreast of external and internal factors that may have an effect on Squares business.

• Experience with Oracle Systems.

At Square, our purpose is to empower – within and outside of our walls. In order to build the best tools for the businesses and customers we support all over the world, we have to start at home with a workforce as diverse and empowered as our sellers. To this end, we take great care to evaluate all employees and job applicants equally, based on merit, competence, and qualifications. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or any other characteristic protected by law. We encourage candidates from all backgrounds to apply and always consider qualified applicants with arrest and conviction records, in accordance with the San Francisco Fair Chance Ordinance. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us by sending an email to assistance(at)squareup.com. We will treat your request as confidentially as possible. In your email, please include your name and preferred method of contact, and we will respond as soon as possible.