Overview

The CG Segment is responsible for ensuring Intuit's customers can prepare and file their taxes securely and with confidence and know their data is managed with privacy in mind.

The Staff Technical Compliance Manager assists in ensuring our cross functtion Business Units such as Consumer Group, Platform Acceleration Group, Virtual Expert Platform, Customer Success and associated assets meet technical compliance requirements, including the ISO27001 standard, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley (SOX) Information Technology General Controls (ITGC), the California Privacy Rights Act (CPRA), EU's General Data Protection Regulation (GDPR), IRS Section 7216, and Trusted Services Principles (SOC2). This role will work closely with Consumer Group (CG) segment teams and CyberCRAFT governance, risk and compliance teams to ensure Intuit offerings and uses of technology adhere to good security and privacy practices and meet regulatory and industry standard requirements. This includes working with internal and external auditors to oversee audit activities and monitor remediation of audit findings.

What you'll bring

• Knowledge of common compliance and regulatory frameworks used in the technology and software industry

• Demonstrated ability to organize and lead audit activities

• Experience in evaluating risks associated with various technologies

• Demonstrated ability to learn and share knowledge

• Demonstrated ability to audit a software application for compliance to regulatory standards

• The ability to communicate with individuals at any level in the organization as well as with customers, partners, auditors and governing agencies

• Ability to document, review and analyze core business processes

• Ability to think critically about security, privacy, compliance and risk practices and their effective application to real business situations

• Willingness to work across boundaries to solve problems across multiple technologies and business domains

• BA/BS in a field related to appropriate function or equivalent experience

• Experience as an external auditor a plus

• Preferred: one of more of the following certifications: CISA, CIPT, CIA, CGEIT, CRISC, CRMA, PCIP or PCI ISA

How you will lead

The Staff Technical Compliance and Audit Specialist will:

• Assess the compliance posture of CG Segment assets relative to technical compliance requirements

• Assist teams in developing and implementing controls that satisfy relevant compliance frameworks

• Lead the annual NIST SP 800-53 review of security controls for the IRS and the Indiana Department of Revenue annual self-assessment (INDOR)

• Maintain process compliance and process evidence to fulfill audit requests

• Oversee execution of technical audits and audit-related activities, including PCI, SOX, SOC2 Type II and ISO27001

• Respond to requests for audit evidence

• Coordinate responses to security assessments (requests for information) from customers and business partners

Additionally the successful candidate for this position will:

• Develop strong relationships with the business to understand their goals, mission, business drivers and compliance posture

• Follow activities of external policy making bodies to understand the impact their decisions may have on Intuit's ability to maintain compliance as required

• Participate in discussions with Intuit workers and executives pertaining to design, implementation and operations of security, compliance and privacy practices

• Provide input on multi-year, cross-functional security, privacy and technical compliance strategy and roadmaps

EOE AA M/F/Vet/Disability. Intuit will consider for employment qualified applicants with criminal histories in a manner consistent with requirements of local law.