The ultimate source for official answers about a business online should be the business itself. However, when consumers ask questions on company websites, too often they are left in the dark with wrong answers. Yext (NYSE: YEXT), the Search Experience Cloud, solves this problem by organizing a business's facts so it can provide official answers to consumer questions — wherever people search. Starting with the company website, then extending across search engines and voice assistants, businesses around the world, like T-Mobile, Jaguar Land Rover, BBVA USA, and Kiehl’s — as well as organizations like the U.S. State Department and World Health Organization — trust Yext to radically improve the search experience on their websites and across the entire search ecosystem.
We are looking for a highly-motivated experienced Senior Analyst to join us in Yext’s IT department based in our NY headquarters. This position will support the IT team in the development of policies, processes and controls around Yext’s SOX, SOC2 and other risk management activities. Yext’s IT Audit and Compliance team seeks to build leading technology risk management practices that improve efficiency and enhance the audit and risk management experience for our partners!
The role will require an execution-oriented and solid team player who can work across the organization to help manage our audit requirements, identify process improvements and lead themselves and others in project completion. The ideal candidate will have a firm grasp of governance, risk and controls in a cloud based IT environment with technical understanding of IT infrastructure. The position will be responsible for proposing improvements to the company’s policies, procedures and controls around information security, logical access, change management, issue remediation, control design, assisting with risk assessments and crafting compliance monitoring strategies.
What You'll Do
- Execute on our IT compliance plan to ensure an effective internal control environment for SOX, SOC 2 and other regulatory requirements.
- Develop and maintain ITGC process flows, procedural documentation and compliance strategies for key SOX applications in a complex SaaS environment.
- Educate the IT organization on governance, risk and controls/compliance concepts
- Assist management in development and implementation of remediation plans related to IT controls and provide recommendations for improvements.
- Assist in developing policies and procedure documents based on ISO27001/2 standards.
- Support the management in identifying key technology risks, mitigation strategies and improvements to the business process.
- Support risk and control considerations related to IT relevant projects, including vendor evaluations, system implementations, newly scoped systems, UAT documentation, onboarding of application to ITGC processes and initial testing of application controls, etc
- Build and maintain internal control narratives, flowcharts and risk matrices.
- Work closely with external parties for all matters related to IT, including IT issues related to SOC 1, SOC 2, SOX, and financial audits.
What You Have
- 3-5 years of combined experience in the fields of Information Systems audit, Risk Assurance, Internal and/or External audit (Big 4 preferred)
- Experience working for a SAAS company preferred
- Experience in working with both cloud and on-premise applications preferred
- Bachelor’s Degree or similar college level education in Information Systems, Accounting or a related field
- CISA or equivalent Information Technology audit or security certifications are preferred
- Working knowledge of information security and computer network, server, database technologies
- Knowledge of the COSO 2013, COBIT and ITIL frameworks preferred
- Knowledge of GDPR, ISO27001/2, HIPAA and other regulations preferred
- Proven ability to lead self in executing discrete tasks and developing compliance strategies to drive effective results
- Self-starter who demonstrates initiative and displays a high energy level
- Strong organizational, prioritization and process improvement skills
- Effective verbal and written communication skills
Yext is committed to building an inclusive and diverse culture where every person is seen, heard and valued. We believe in equal employment opportunity and welcome employees and applicants of all races, colors, ethnicities, religions, creeds, national origins, ancestries, genetics, sexes, pregnancy or childbirth, sexual orientations, genders (including gender identity or nonbinary or nonconformity and/or status as a trans individual), ages, physical or mental disabilities, citizenships, marital, parental and/or familial status, past, current or prospective service in the uniformed services, or any characteristic protected under applicable law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you require a reasonable accommodation in completing this application, interviewing, or participating in the employee selection process, please complete this form.