Lead, Internal Controls

WeWork New York, NY

Reporting to the Manager of Internal Controls, the Senior Lead will play an integral role in maintaining and supporting the integrity and effectiveness of the Company’s IT control environment. For this role, we are looking for a proactive self-starter who enjoys working in a challenging and fast-paced environment. Communication skills, attention to detail, and an objective approach to learning and problem-solving are a must.


The right candidate will have a passion for technology, governance, and automation along with a desire to champion best practices in a high-volume, dynamic environment. This person will ensure that the activities of the technology support teams are in compliance with controls, processes and policies set by the Company. They will ensure the proper management and maintenance of technology services that support the business as well as a set of policies, procedures, and controls that is applied to technology across the organization to enforce corporate standards and assure regulatory compliance. This individual will also maintain awareness of the infrastructure and systems domains and conduct research and oversee risk mitigation activities towards achieving governance and compliance program goals.


Job Summary

  • Execute day-to-day activities required for the development and tracking of an IT governance and compliance program including communication and management of policies, controls and practices supporting technology risk, compliance, and information security objectives.
  • Collaborate with the Internal Audit team on the Company’s ongoing SOX compliance, SSAE18/SOC, and data privacy efforts.
  • Collaborate with Information Security on tasks related to Cybersecurity, data privacy, ISO certifications, and efforts to promote leading practices in our IT processes
  • Assist with SOX scoping activities and company-wide and IT-specific risk assessments to evaluate and address any impact the results may have on the IT control environment.
  • Lead the design and implementation of efficient and effective application level and infrastructure level IT controls in all departments within the organization.
  • Validate that documentation of the control environment (e.g., process flows, control matrices, narratives) are kept current.
  • Conduct periodic meetings/walkthroughs with process owners to ensure any changes to process are updated and properly assessed for control gaps.
  • Provide guidance over technology governance and control activities to ensure adherence to process and compliance goals are achieved.
  • Support remediation efforts within the finance and IT departments in collaboration with Internal Audit, control owners and software owners.
  • Maintain working knowledge of SOX Section 404 regulations and guidance and stay current to changes in regulatory guidance, industry best practices, and areas of focus/hot topics for IT internal controls/SOX.
  • Implement IT Service Management (ITSM) best practices across the organization
  • Perform pre- and post-systems implementation reviews
  • Support external audits through project and request list management, communicating with auditors and assistance in obtaining audit support, if necessary.
  • Develop and maintain third-party security standards and assessment methodologies around suppliers, vendors, and service providers.
  • Provide project management and program leadership, including process improvement, business process and data analysis, process documentation and support for IT project life cycle for supporting programs and tools.


Skills and Experience Required

  • 4+ years of experience working with technology governance, internal controls, and compliance activities including IT audit, Sarbanes Oxley, COSO, COBIT, ITIL, and data privacy laws and regulations.
  • Bachelor’s or master’s degree in business, finance, accounting, computer science, information systems, engineering, or a related discipline preferred.
  • Industry certification(s) such as CPA, CISA, CISSP, CISM, PMP or CRISC preferred.
  • Financial systems and ERP experience required (Workday preferred).
  • Experience in executing technology risk assessment methodologies and familiarization with audit testing and relevant documentation standards.
  • Experience in working with modern cloud Software as a Service (SaaS) and Platform as a Service (PaaS).
  • Experience with evaluating and testing controls around the full technology stack from application, operating system, database, and networking layers.
  • Project management, program management, or IT applications or operations support experience required.
  • Ability to work closely with people at all levels of the organization and facilitate the implementation of corrective action, as needed.
  • Ability to analyze, communicate, articulate governance and compliance trends and program requirements.
  • Excellent written and verbal communications, critical thinking skills, effective interpersonal skills, strong formal presentation abilities.


Life At WeWork

Being a WeWorker is more than just a job. We believe the magic of work is sparked by the passion you bring, the places you go, the people you meet and the purpose you follow. And it starts here. Here you will brush shoulders with those who dare to dream and do. Here you will be welcomed by a diverse community that embraces and inspires you—because together we can achieve more. Here we challenge ideas, and explore new ways of getting things done. Whether you are part of our Employee Community Groups, or part of a global project, we ask you to bring your open-minded attitude and collaborative spirit. In return, you will be part of a team where your unique perspectives are celebrated. 


WeWork is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon gender, sexual orientation, marital or civil status, pregnancy (or pregnancy-related conditions), gender identity or expression, transgender status or gender reassignment, race, color, national origin or ancestry, citizenship, religion or religious beliefs, age, physical or mental disability, genetic information (including genetic testing and characteristics), military or veteran status, or any other grounds or characteristic that is protected under the law.


As part of our commitment to health and safety, WeWork — like a growing number of employers — is requiring all U.S. employees to be fully vaccinated for COVID-19 as a condition of employment, absent a legal exception for reasonable accommodation.  We provide unvaccinated new hires a 45-day grace period after their start date to get fully vaccinated or, if eligible, obtain a reasonable accommodation. If you believe that a legal exception may apply to you, please still apply for any role(s) you are interested in and, if you are hired, you will receive instructions on how to request a reasonable accommodation after your start date. Please note that roles that require in-person work — currently, within our Community (excluding Member Experience), Facilities Management (including Security), Sales (excluding Sales Ops), and Member Technology teams — will not be eligible for work-from-home as an accommodation because it poses an undue hardship on our business.

Subscribe to Job Alerts