Apply IT audit subject matter expertise across engagements; serve as a technical resource to Internal Audit team members and co-source partners
Support the SOX ITGC program by coordinating with co-source partners on scoping, reviewing testing workpapers, and tracking deficiencies through remediation
Sr. Manager, IT Internal Audit at Rbi
Execute audits of change management, access management, SDLC, computer operations, and IT regulatory compliance across corporate and brand domains
Build and maintain audit data pipelines, analytical models, and testing procedures (Python, SQL, Power BI) in support of the Director's continuous monitoring programs
Advisor for cybersecurity, data governance, and privacy control assessments (NIST, PCI, CCPA)
Support Optro GRC IT integration maintenance and data feed governance under the direction of the VP
Contribute to analytics adoption across the Internal Audit function; develop reusable testing tools and support data infrastructure decisions in coordination with the VP
Assist with IT risk assessments across brands and corporate in support of audit plan prioritization
Support Internal Audit representation in cross-functional technology governance forums as directed
Issue remediation tracking and closure; support special projects and VP advisory requests on technology risk matters
Competencies
IT Audit Leadership : Demonstrated ability to execute IT audit engagements end-to-end across complex technology environments; translates audit objectives into well-documented, risk-rated findings
SOX / ITGC Expertise : Deep, hands-on knowledge of IT general controls, SOX 404/302 IT support, and external auditor reliance strategies; experienced in deficiency assessment and Item 308(c) evaluation
Cybersecurity & Data Risk : Fluent in information security audit, IAM, cloud security, and data governance risk; able to assess control design and maturity across diverse technology stacks
Analytics & Automation : Skilled in designing and building data-driven audit programs using Python, SQL, and BI tools; able to automate testing and scale continuous monitoring coverage
Stakeholder Influence : Adept at building trusted relationships with CIO, CISO, Legal, and Data Governance without direct authority; able to communicate technical risk to non-technical audiences
Communication & Reporting : Skilled in producing polished, executive-ready audit reports and Audit Committee materials; able to translate technical findings into business-impact language and actionable recommendations
Team & Co-source Management : Experienced in directing co-source partners and guiding junior audit staff with clarity and accountability; able to coordinate multi-party engagements across specialist and internal resources
Intellectual Curiosity : Naturally drawn to emerging technology risks (AI/ML, cloud connectors, digital franchise platforms); able to translate evolving trends into timely adjustments to the audit program
Education & Certifications
Bachelor's degree in Information Systems, Computer Science, Accounting, or related field
CISA required; NIST CSF and PCI-DSS audit framework familiarity expected
CIA, CPA, CISSP, CRISC, or CISM a plus
Requirements
7+ years in IT audit, information security audit, or IT risk/compl
Additional Information
Ready to make your next big professional move? Join us on our journey to achieve our big dream of building the most loved restaurant brands in the world.
Restaurant Brands International Inc. is one of the world's largest quick service restaurant companies with nearly $45 billion in annual system-wide sales and over 32,000 restaurants in more than 120 countries and territories.
RBI owns four of the world's most prominent and iconic quick service restaurant brands - TIM HORTONS®, BURGER KING®, POPEYES®, and FIREHOUSE SUBS®. These independently operated brands have been serving their respective guests, franchisees and communities for decades. Through its Restaurant Brands for Good framework, RBI is improving sustainable outcomes related to its food, the planet, and people and communities.
RBI is committed to growing the TIM HORTONS®, BURGER KING®, POPEYES® and FIREHOUSE SUBS® brands by leveraging their respective core values, employee and franchisee relationships, and long track records of community support. Each brand benefits from the global scale and shared best practices that come from ownership by Restaurant Brands International Inc.
Reporting to the VP, Internal Audit, the Senior Manager, IT Internal Audit is a hands-on IT audit practitioner and subject matter resource within RBI's Internal Audit function. The Senior Manager executes IT audit engagements across all four brands - performing IT operational and cybersecurity audits and data governance reviews - under the direction of the VP. The Senior Manager also contributes to RBI's audit analytics capability, building and maintaining data-driven testing procedures and supporting the continuous monitoring programs that underpin the broader Internal Audit program.
Rbi · Corp - Miami Corporate Office