Yext is the global location data management leader, and our mission is to help people Go Places™. The award-winning Yext Location Cloud enables companies of all sizes to manage location data across their websites, mobile apps, internal systems, and the industry’s largest ecosystem of maps, apps, social networks, directories, and search engines including Google, Apple, Facebook, Bing, and Yahoo. Learn more about how we help people go places at yext.com.
In the IT group at Yext, we are in the business of trust and reliability. We create, maintain and operate scalable IT solutions that deliver an exceptional experience for our customers and business partners – who trust and rely on us. We are creating an infrastructure that scales and supports Yext's ambitious vision. That requires a smart, highly collaborative team who can identify and investigate new technologies to continue to deliver and scale globally and securely.
The IT Audit and Compliance Specialist is responsible for managing, supporting, and optimizing the IT regulatory and compliance programs and corporate business continuity plans. This individual will perform audits and assessments of risk & design, develop and write IT and Information Security (InfoSec) policies and standards, lead process improvement, create and administer policy communications and training, integrate technology risk management processes, and ensure business continuity plans are current.
He / She will build and lead a team of a highly-collaborative and results-oriented IT staff tasked with delivering key projects and maintenance efforts the create an eco-system of cloud applications that are set to scale with the hyper growth trajectory of Yext.
Because the role requires a high degree of internal customer interaction, the candidate must have superior communication and influencing skills, an understanding of business process and systems and the ability to organize and prioritize end user issues/requests.
This position is an Individual Contributor and reports to the CIO.
Primary Responsibilities and Activities
- Develop, publish, maintain, conduct audits, and assess information technology (IT) security and compliance policies and standards.
- Lead IT security team members, and external audit firms, contractors, and vendors to execute on GRC plans initiatives.
- Establish and execute multi-year plans for technology security, and compliance policies, standards, and assessments.
- Devise metrics and reporting to demonstrate technology policy/standards/guidance adoption, implementation, and adherence.
- Initiates, builds, and maintains collaborative working relationships with IT teams, other business units, and senior leadership. Works directly with leadership and teams to identify and develop policy and standards designs, implementation, and utilization.
- Advances continuous process optimization and improvement through current knowledge, industry best practices and developments, research, and design.
Additional Essential Functions
- Serve as the SME for IT-focused Sarbanes Oxley (SOX) for Yext; proactively identify projects that impact SOX plan(s); and ensure SOX process is successful.
- Direct IT audits and compliance assessments (plan, source, coordinate, conduct, analyze, summarize, report, and outline business impact); provide leadership with applicable recommendations, strengthening solutions, support and follow-up; ensure appropriate and adequate controls are maintained and adhere to SOX, SOC2 and Privacy regulatory requirements; continually maintain current knowledge of industry best practices and developments. Serves as comprehensive compliance resource for a wide-range of inquiries.
- Support IT team compliance strategy and planning for Yext. Ensure all existing and developed Business Continuity (BC) policies and Disaster Recovery (DR) Plans, internal audit, and SOX are in compliance with requirements and standards.
- Develop BC and DR training materials for on-boarding, classroom, CBT, and facilitate targeted training presentations across various levels of the organization.
- Manage coordination of IT General Controls (ITGC) and compliance testing activities and communications with the internal and external auditors and assessors; educate and advise members of business and IT on compliance testing; provide recommendations and guidance on implementation and enhancement of IT controls.
- Conduct successful biannual user certification process.
- Organize and conduct the annual Information Security Risk Assessment while implementing improvements to the current process.
- Performs additional assignments and activities as necessary.
Education and Training
- Bachelor's degree in an IT-related discipline or equivalent practical experience.
- CISA or equivalent Information Technology audit or security certifications are preferred.
- 5+ years of IT Audit or Compliance experience with a minimum 2 years of proven success in a leadership role.
- 3-5 years experience in policy, procedure, and standards development for a large IT environment.
- Previous technical writing experience preferred.
Required knowledge and Skills
- Significant knowledge of information technology processes and controls and regulatory frameworks and control requirements, such as COBIT, Sarbanes-Oxley, PCI Data Security Standards, and Data Privacy and Protection legislation.
- Demonstrate skills in system/process analysis. Ability to assess operational needs and adjust against legal and regulatory compliance requirements.
- Strong understanding of process and technology in order to provide input into strategy, planning, development, execution, monitoring, and analysis; contributes to the development of innovative principles and solutions.
- Working knowledge of information security and computer network, server, database, and user access technologies.
- Excellent verbal and written communication skills necessary to work with minimal supervision, edit and prepare documentation, prepare and present reports and proposals to senior leadership; able to interact with and work effectively with IT and other business units.
- Possess strong project management skills.
- Ability to drive continuous improvement processes that enhance personal and department's performance.
- Have the necessary leadership, team building, motivation, and delegation skills to efficiently coordinate the efforts of a team toward accomplishing a common goal.
- Ability to work independently and with cross-functional teams.
- Ability to work on multiple projects and tasks concurrently.
Compensation, Benefits & Perks
Yext currently employs over 500 amazing people around the globe. Our headquarters are in the historic Flatiron District in New York City, with additional offices in Chicago, Dallas, London, and Washington DC. Yext offers the following exceptional benefits: competitive compensation, 401k, unlimited snacks, daily meal allowance, flexible hours / paid time off, and excellent health / dental / vision insurance. Our mission is to help people go places—both consumers to our customers’ doorsteps and our employees to new heights in their careers. We treat our employees well and offer tremendous growth opportunities. Challenging work pushes our people to be creative in a casual environment that is caring, fun, and collaborative. We believe that when you have smart, happy people working together you can produce something special.
Yext is based in the heart of New York City with over 500 employees worldwide operating in Chicago, Dallas, Washington D.C., Germany, and the UK. Yext has been recognized as one of America’s fastest growing companies by the Inc. 500 (#212 in 2015), one of Forbes’ Most Promising Companies (2014 & 2015) and one of Fortune's Best Places to Work (2014 & 2015). Learn more about how we help people go places at yext.com.
You can learn more about the Yext team and culture on themuse, in Forbes, and on our website and blog.