Manager, IT Audit

At Veracyte, we offer exciting career opportunities for those interested in joining a pioneering team that is committed to transforming cancer care for patients across the globe. Working at Veracyte enables our employees to not only make a meaningful impact on the lives of patients, but to also learn and grow within a purpose driven environment. This is what we call the Veracyte way – it’s about how we work together, guided by our values, to give clinicians the insights they need to help patients make life‑changing decisions.

Our Values:

• We Seek A Better Way : We innovate boldly, learn from our setbacks, and are resilient in our pursuit to transform cancer care.
• We Make It Happen : We act with urgency, commit to quality, and bring fun to our hard work.
• We Are Stronger Together : We collaborate openly, seek to understand, and celebrate our wins.
• We Care Deeply : We embrace our differences, do the right thing, and encourage each other.

The Position

The Manager, IT Audit is a leader within the Internal Audit team, responsible for planning, overseeing, executing, and reporting on IT audits, control assessments, and risk reviews across technology domains, including SOX and operational audits. This role provides independent, objective assurance and advisory services over IT General Controls (ITGCs), application controls, cybersecurity, cloud platforms, data governance, and emerging technology risks, helping Veracyte strengthen its control environment and manage IT risk. This role will focus on building strong relationships with internal stakeholders and external audit and has a forward‑thinking approach to audit innovation.

Key Responsibilities

• Independently manage the SOX IT controls testing program, including planning, scheduling, execution of walkthroughs and testing, evidence collection, deficiency assessment, and remediation tracking.
• Perform comprehensive risk assessments to identify areas of audit focus and potential weaknesses in internal controls with the support of the broader internal audit team.
• Lead, mentor, and manage direct reports, providing guidance, feedback, and professional development opportunities.
• Develop audit testing attributes, audit procedures, and scope audit activities to address key risks and control objectives.
• Oversee the preparation and perform the review of audit workpapers, narratives, and flowcharts, ensuring documentation is well‑supported and includes an evaluation of operational efficiency, control effectiveness, and policy compliance.
• Prepare comprehensive audit reports and project updates, communicate results effectively in writing and verbally, and ensure clarity and context for diverse audiences, including senior management and external partners.
• Build and maintain trusted relationships with internal and external partners, including IT, Finance & Accounting, GRC, and external auditors, to coordinate SOX testing, remediation, and broader security initiatives.
• Lead or support special projects related to security initiatives, investigations, risk management, and process improvements.
• Identify and develop opportunities for AI, automation, or data analytics to enhance audit procedures and outcomes.
• Ensure accurate and current documentation in risk and control matrices, deficiency logs, and audit management systems.

Who You Are

• 6+ years in internal audit or IT audit, with progressive leadership experience and deep knowledge of internal controls, information security, and SOX. Experience in life sciences industries preferred.
• Bachelor’s or Master’s degree in information systems, computer science, accounting, or related field required.
• Experience in Big 4 public accounting or large corporate internal audit environments preferred.
• At least one professional certification (CISA, CISSP, CIA, CPA, etc.).
• Proven experience executing audits under internal control frameworks, audit standards, and compliance frameworks (SOX, COSO, GAAP, IIA, ISACA, COBIT, ISO 27001, NIST, CMMC).
• Strong project management and communication abilities.
• Experience managing and leading teams.
• Experience with testing controls for enterprise SaaS vendors (e.g., NetSuite, Workday, ADP, Salesforce, Snowflake).
• Demonstrated ability to audit IT applications, databases, operating systems, network systems, and cloud infrastructure.
• Experience auditing segregation of duties (SOD), ITGCs, ITACs, system development lifecycle controls, and evaluating completeness and accuracy.
• Proficiency with data analytics tools (Power BI, Tableau, Alteryx), audit management tools (Auditboard), and Microsoft Office suite.
• Strong commitment to professional judgment, integrity, confidentiality, and ability to maintain objectivity and independence.
• Strong leadership, analytical, and problem‑solving skills.
• Ability to present ideas and provide practical, operational advice in business‑friendly language.
• High attention to detail, initiative, self‑motivation, and ability to manage multiple projects and teams.

Location & Salary

We offer competitive compensation with US salaries ranging from $134,000 to $152,000 and San Diego office salaries ranging from $145,000 to $152,000. The final salary offered will depend on factors such as experience, skills, geography, education, and other criteria. Base pay is one part of the total compensation package, and this role may be eligible for discretionary bonuses, incentives, and restricted stock units.

What We Can Offer You

Veracyte is a growing company that offers significant career opportunities for those who are curious, driven, patient‑oriented and who aspire to help us build a great company. We offer competitive compensation and benefits, and we are committed to fostering an inclusive workforce, where diverse backgrounds are represented, engaged, and empowered to drive innovative ideas and decisions.

Veracyte, Inc. is an Equal Opportunity Employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. Veracyte participates in E‑Verify in the United States.