Senior Manager, IT Controls

The Senior Manager, IT Controls reports to the Chief Accounting Officer and will operate and manage a Sarbanes-Oxley (SOX) IT Controls program where revenue transactions and key reporting come from custom developed systems deployed to Amazon Web Services.  You’ll work with our accounting, engineering, product and securities team to ensure our control owners have complete and accurate review populations and validate the control execution.   You’ll direct our IT controls monitoring team and provide input on our internal control monitoring and execution tools.  As our business or technologies change, you’ll work with our engineering, IT, finance, HR, and product teams on any necessary changes to our SOX IT Controls.  

Who you are:

• CPA (Certified Public Accountant) or CISA (Certified Information Systems Auditor) required; CISSP (Certified Information Systems Security Professional) and/or CISM (Certified Information Security Manager) preferred.
• 7+ years of public company (internal and/or external auditing) experience, with emphasis on IT experience with public companies with complex custom developed platforms in public cloud environments and/or Big 4 accounting firm, with experience auditing a complex IT client base (4+ years of Big 4 experience preferred).  
• 5+ years experience in a position of leadership to include team development and management.
• Expert understanding of the general computer control areas and IT governance frameworks (e.g., Sarbanes-Oxley, COSO framework, COBIT, NIST CSF, ISO 27001).
• Working understanding of US Generally Accepted Accounting Practices.
• Direct experience designing and implementing a system of internal controls, including experience in a large-scale management-led SOX organization as well as supporting a company’s SOX program. 
• Proven experience with evaluating security and controls on various hosted and SaaS/cloud-based technologies. 
• Strong understanding of SDLC including agile and CI/CD processes.
• Functional knowledge of Git-based source code flows including commits, pull requests, approvals, and merges.
• Ability to negotiate, influence, and partner effectively with multi-functional and remote teams where resources may not be in direct control of this role.
• Demonstrated ability to develop and execute a strategic people plan that ensures that the right people are in the right roles at the right time and that employees are highly engaged and satisfied..
• Excellent verbal and written communication skills, including the ability to explain technical concepts and technologies to business leaders, and business concepts to the security workforce.
• US resident

Preferred Experience:

• Functional understanding of AWS Well-Architected Framework components including IAM roles and trust principals, CloudTrail, CloudWatch, Elastic Kubernetes Service
• Experience with Okta or other SaaS identity providers
• Atlassian Jira
• Working with an engineering organization using Scaled Agile Framework (SAFe) patterns
• VLOOKUP and other functions in Google Sheets and Microsoft Excel 
• Experience building basic automation to perform simple API queries using Python 
• Basic SQL knowledge

About EverQuote

EverQuote operates a leading online marketplace for insurance shopping, connecting consumers with insurance provider customers, which includes both carriers and agents. Our vision is to be the leading growth partner for property and casualty, or P&C, insurance providers. Our results-driven marketplace, powered by our proprietary data and technology platform, is improving the way insurance providers attract and connect with consumers shopping for insurance.

For more information, visit https://investors.everquote.com and follow on LinkedIn.