Senior Manager - Technology Risk Audit

Location: Customer Support Center

Time Type: Full time

Job Description

At DICK’S Sporting Goods, we believe in how positively sports can change lives. On our team, everyone plays a critical role in creating confidence and excitement by personally equipping all athletes to achieve their dreams.  We are committed to creating an inclusive and diverse workforce, reflecting the communities we serve.

If you are ready to make a difference as part of the world’s greatest sports team, apply to join our team today!

OVERVIEW:

As Dick’s Sporting Goods continues to grow and invest in its technology ecosystem, we’re expanding our Internal Audit team with several new Technology Internal Audit roles. These positions are part of our ongoing focus on strengthening our partnership with Technology to provide assurance and insights as they build for what’s next.

The Senior Manager - Technology Risk Audit will be responsible for serving as a trusted advisor for the Company, specifically serving in an assurance, consultative, and advisory capacity.  This position will report directly to the Sr. Director – IA Strategy & Transformation and be responsible for leading audits over technology processes, cybersecurity controls, and governance frameworks, providing actionable insights to senior leadership and driving continuous improvement in risk management practices.    This role is also responsible for performing ongoing risk assessments, planning, and executing the Audit Plan that is designed to address the significant technology risks and to evaluate and test the internal control structure and operational processes.  The Senior Manager – Technology Risk Audit is also responsible for managing a team of Senior Technology Risk Auditors, including managing concurrent projects, adapting the schedule to accommodate for special projects requested by Management, and mentoring/developing the team.

Assurance Audits (including technology and integrated audits)

Assurance Audits (including core technology, cybersecurity, and audits over emerging risks)

• Assist in identifying and understanding technology and cybersecurity risks and developing risk-based audit plans and programs over audit areas including platforms and infrastructure, cloud environments, cybersecurity topics (e.g., identity and access management), governance topics (e.g., third-party risk management, technology governance) and emerging risks (e.g., AI)
• Identify risks relevant to applicable audits and determine the extent of testing procedures to be performed, including performance of exposure/residual risk analyses and root cause analyses
• Lead the planning and organizing of technology, cybersecurity, and emerging risk audits; design audit programs using recognized frameworks (e.g., NIST CSF)
• Review work programs and test procedures drafted by Technology Audit team for coverage and design of testing procedures to meet audit objectives
• Oversee audit team's fieldwork, including reviews of teammates' work papers
• Establish and maintain appropriate professional contacts and relationships with Company personnel
• Advise business and technology partners on control design improvements, remediation strategies, and best practices in areas such as secure cloud operations and trustworthy AI
• Lead senior auditors in their performance of multiple concurrent audits and develop and design a detailed audit program that will achieve audit objectives on time
• Assess the adequacy and efficiency of operating policies and procedures and compliance with established Company and regulatory policies and procedures
• Perform and/or review the evaluation of audit results prior to Sr. Director of IA Strategy & Transformation review to:

• Ensure completeness and effectiveness of audit results are in line with original audit scope
• Assess the adequacy and efficiency of operating policies and procedures

• Recommend alternative policies, procedures or efficiencies
• Draft insight-oriented audit reports and presentations that communicate findings, insights, and areas for improvement to the auditee and Executive Management (where applicable).  Create insight-oriented deliverables that consider root causes, impact/exposure, and both near and long-term recommendations/solutions for the auditee and Executive Management.  Tailor and summarize deliverables based upon audience for the appropriate level of detail. Partner with business and technology stakeholders in tracking remediation actions to close audit issues and address thematic risks

Team Leadership & Development

• Supervise a team of senior technology risk auditors, providing coaching, feedback, and career development pathways
• Foster a culture of continuous learning, such as by encouraging certifications, training, and technical skill growth
• Allocate resources effectively across concurrent audit projects

Methodology & Innovation

• Enhance audit methodologies by integrating data analytics, automation tools, and emerging technologies
• Remain knowledgeable of industry trends, regulatory changes, and evolving cyber risks
• Contribute to the Internal Audit department’s knowledge base and best practice repository

Consulting / Special Projects

• Identify potential areas of assistance to the business in the development and/or implementation of process efficiencies, control improvements and best practices
• Create detailed audit programs to achieve project objectives for short notice special projects at the request of Senior Management
• Establish and draw upon strategic working relationships and Company knowledge to complete consulting/special projects in a quick time frame
• Assist with special assignments

Store and Distribution Center Audits

• Perform on-site physical inventory observations and other audit procedures at various stores
• Assist financial/operational audit team in performing Distribution Center audits
• Communicate audit findings and recommendations for improvement to Management via audit reports and closing meetings

QUALIFICATIONS:

• Bachelor's Degree

• Information Systems Management, Cybersecurity,  Data Science, or field

• 7-10 years' experience

• Total years of experience – 7+ ; Total public accounting, consulting, and/or internal audit years of experience – 5+; Previous experience within the retail, or tech industry a plus

#LI-JD1

VIRTUAL REQUIREMENTS:

At DICK’S, we thrive on innovation and authenticity. That said, to protect the integrity and security of our hiring process, we ask that candidates do not use AI tools (like ChatGPT or others) during interviews or assessments.

To ensure a smooth and secure experience, please note the following:

• Cameras must be on during all virtual interviews.

• AI tools are not permitted to be used by the candidate during any part of the interview process.

• Offers are contingent upon a satisfactory background check which may include ID verification.

If you have any questions or need accommodations, we’re here to help. Thanks for helping us keep the process fair and secure for everyone!