Customer Audit Manager

The Customer Trust Team

The Okta Security team’s mission is to strengthen Okta’s position as the leading Identity-as-a-Service solution by identifying and resolving risks to the employees, product, and most importantly, our customers.The Customer Trust team works to enhance customer trust in the identity products our teams build. We serve as a strategic resource working closely with Okta’s GTM teams.

We are also the voice of Okta Security, both externally and internally. It's our role to influence how the Okta security brand is perceived and to shape the security culture of the company. Through our continued focus and partnership, we aim to ensure that:

1. When people think of Okta, they think of a leading zero trust cybersecurity company
2. When people work at Okta, they role model the best security behaviors to meet the high standard we set for security inside the company.

The Customer Audit Manager Opportunity

Demonstrating Okta’s security program to customers and prospects is a core responsibility of the Customer Trust team, and to meet rapidly growing demand, we are seeking a Manager of Customer Audit to lead this capability of our team. This role will be responsible for creating a customer & prospect audit program, maintaining an evidence collection for presentation, coordinating and hosting security audits both virtually and on-site in our San Francisco Executive Briefing Center, and other locations in North America and globally as required.

Okta’s Customer Trust team is a highly technical group, and the ideal candidate will have hands-on experience with the technical implementation of SOC2 and ISO controls in a cloud-based environment, while maintaining the ability to describe the effectiveness and risk mitigation of these controls to an auditor. The candidate will also have the ability to train and manage employees globally to support Okta’s international growth. This unique position has the opportunity to not only interact with the security teams of Fortune 500 companies, but also create a highly visible example for exceptional third-party risk assessments.

What you’ll be doing

• Create and communicate a strategy to deliver Okta Security’s audit program, maintaining a stakeholder group across the business and security team
• Cooperate with the Security Compliance team to create and maintain an evidence repository for use in third-party risk audits
• Coordinate and schedule customer or prospect onsite and virtual audits
• Understand customer or prospect risk concerns and lead the presentation of evidence material to resolve these concerns
• Interact with the Customer Trust team to develop and publish content regarding Okta’s security controls
• Coordinate between Customer Trust, the GRC team and other Okta stakeholders to document, manage, track, and proactively communicate ownership and status updates regarding audit observations accepted by Okta, between those groups and also back to the customer or prospect
• Collaborate with Okta Security on other projects, as applicable

What you’ll bring to the role

• Bachelor’s degree in Computer Science or Management Information Systems, or equivalent work experience
• In-depth knowledge of IT security frameworks and best practices, such as NIST SP800 publications, CoBIT, CCM, and Trust Principles and Criteria
• Experience in IT regulation and compliance standards such as SOC 1 and 2, ISO27001, and ISO42001
• Working knowledge of terms and concepts used in information security, privacy, risk assessments, and contingency planning
• Understanding of IT and cloud methodologies, such as software development lifecycle and operations
• Excellent oral, written, and presentation skill

Helpful Certifications / Skills:

• Certified Information Security Auditor (CISA)
• GIAC Security Essentials (GSEC)
• Certified Information Systems Security Professional (CISSP)
• Certificate of Cloud Security Knowledge (CCSK)
• Certificate of Cloud Auditing Knowledge (CCAK)

(P22277_3450312)

#LI-Hybrid

#BB-1