Manager, IT Risk & Controls
Job Description & How to Apply Below
Responsibilities
- Identify, evaluate, and prioritize IT risks across Open Table’s operations.
- Oversee regular risk assessments and control certification/validation activities.
- Monitor emerging IT risks and propose mitigation strategies.
- Lead the design and implementation of internal controls over technology systems and processes, particularly those supporting financial reporting (e.g., SOX compliance).
- Guide teams in the execution of user access reviews, segregation of duties monitoring, change management controls, and other standard IT controls.
- Maintain documentation of controls, processes, and evidence required for internal and external audits.
- Manage quarterly and annual control certification and user access review cycles.
- Serve as a liaison between IT, the Finance organization, and external auditors.
- Support ITGC (IT General Controls) management testing.
- Investigate any identified control deficiencies, oversee remediation efforts, and work to strengthen and automate internal controls as appropriate.
- Continuously improve risk management processes using technology, analytics, and cross-functional input.
- Partner with cross-functional leaders at Open Table, supporting business objectives while ensuring a risk-aware culture.
- Present risk and control status updates to senior leadership as needed.
- Develop and maintain IT risk management policies, control standards, and governance frameworks.
- Ensure alignment with Booking Holdings (BKNG) group policies and broader compliance requirements.
- Bachelor’s degree (or above) in IT, Engineering, or Accounting/Finance.
- 7+ years of progressive experience coordinating IT SOX compliance activities and maintaining IT Risk and Control Matrices/Frameworks.
- Leadership experience in IT risk management, audit, compliance, or a related field.
- Deep knowledge of internal controls over financial reporting, information security, and regulatory standards (e.g., SOX, COSO, COBIT, NIST).
- Strong analytical, communication, and stakeholder management skills.
- Experience working with auditors and managing audit processes.
- Ability to collaborate with both technical and non-technical stakeholders.
- Professional certifications (such as CISA, CISSP, CRISC, CIA, or similar) preferred.
- Experience in Big 4 Accounting/Professional Services is preferred.
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×