IT Security Internal Audit Senior Manager

Gong harnesses the power of AI to transform how revenue teams win. The Gong Revenue AI Operating System unifies data, insights, and workflows into a single, trusted system that observes, guides, and acts alongside the world's most successful revenue teams. Powered by the Gong Revenue Graph, AI-powered intelligence, specialized agents, and trusted applications, Gong helps more than 5,000 companies around the world deeply understand their teams and customers, automate critical sales workflows, and close more deals with less effort. For more information, visit www.gong.io.

At Gong, you will join a company built on innovative products, ambitious goals, and passionate people. We are shaping the future of revenue intelligence and we want people who are excited to build what comes next. You will work with a team that dreams big, moves fast, and cares deeply about the craft and about each other. Here, transparency and trust are core to how we operate, and every person has the opportunity to make a visible impact. If you want to grow, stretch, and do work that truly matters, Gong is the place to do the best work of your career.

We're looking for an IT and Security risk professional with deep experience in internal audit, controls design and testing who approaches the work as a trusted advisor and problem solver-not a checkbox-driven compliance auditor. You understand IT operations, security architecture, IT General Controls at a public-company level, but you focus on what actually works in practice and keeps business moving at speed.

This role is ideal for someone who knows how internal audit should function, but prefers partnering with the business, engineering, and security teams to strengthen controls, manage risk, and enable smart growth-without slowing teams down.

You'll start as an individual contributor with significant autonomy, influencing across technology and security organizations to help design and test a control environment that scales, stands up to scrutiny, and supports rapid execution.

RESPONSIBILITIES

• Partner with technology, security, and application owners to design, document, and test practical internal controls over IT and Security, including ITGCs and application controls
• Lead public-company-level IT and security control assessments and testing, with a strong focus on risk relevance and control effectiveness
• Identify control gaps and emerging risks, and collaborate with stakeholders on clear, actionable remediation strategies
• Execute walkthroughs, testing, and audit documentation end-to-end with clarity, efficiency, and judgment
• Document and communicate findings, root causes, and recommendations in plain, business-friendly language
• Apply data analytics and AI-enabled techniques to enhance audit and controls testing coverage
• Build trust across teams by acting as a thoughtful advisor and partner, not a compliance cop
• Present results, insights, and progress updates to senior management and leadership
• Support the development of a modern, risk-focused audit strategy covering engineering, product development, cybersecurity and Corp IT
• Ensure audit work products meet quality standards aligned with professional and regulatory expectations-without unnecessary bureaucracy
• Collaborate closely with engineering, security, and compliance teams to deliver cohesive and non-duplicative coverage of technology risks

QUALIFICATIONS

• 10+ years of experience in internal audit, IT controls, security assurance, or related roles (public accounting a plus)
• Bachelor's degree in Accounting, MIS, Business, or a related field
• CISA, CIA, CPA, CISSP, or similar certification preferred
• Strong understanding of SOX, PCAOB/SEC guidance, COSO, and AS5-applied with judgment
• Experience working in or supporting a public company environment
• High integrity, accountability, and-yes-a sense of humor

YOU ARE

• Strong hands-on experience with IT and security internal auditing, controls testing, and risk assessment
• A pragmatic, business-first mindset with strong analytical and problem-solving skills
• Comfort operating in ambiguous environments and balancing multiple priorities
• Clear, confident communicator who can influence without relying on authority
• Ownership mentality with a willingness to roll up sleeves and get into the details - you are a doer as much as a thought leader
• Working knowledge of IT and security frameworks, cloud environments, and regulations including GDPR and Privacy
• Practical experience using data analytics and AI to support audits
• Experience supporting or auditing SaaS and technology-driven business models

PERKS & BENEFITS

• We offer Gongsters a variety of medical, dental, and vision plans, designed to fit you and your family's needs.
• Wellbeing Fund - flexible wellness stipend to support a healthy lifestyle.
• Mental Health benefits with covered therapy and coaching.
• 401(k) program to help you invest in your future.
• Education & learning stipend for personal growth and development.
• Flexible vacation time to promote a healthy work-life blend.
• Paid parental leave to support you and your family.
• Company-wide recharge days each quarter.
• Work from home stipend to help you succeed in a remote environment.

The annual salary hiring range for this position is $175,000 - $210,000 USD.

Compensation is based on factors unique to each candidate, including, but not limited to, job-related skills, qualification, education, experience, and location. At Gong, we have a location-based compensation structure, which means there may be a different range for candidates in other locations. The total compensation package for this position, in addition to base compensation, may include incentive compensation, bonus, equity, and benefits. Some of our sales compensation programs also offer the potential to achieve above targeted earnings for those who exceed their sales targets.

We are always looking for outstanding Gongsters! So if this sounds like something that interests you regardless of compensation, please reach out. We may have more roles for you to consider and would love to connect.

We have noticed a rise in recruiting impersonations across the industry, where scammers attempt to access candidates' personal and financial information through fake interviews and offers. All Gong recruiting email communications will always come from the @gong.io domain. Any outreach claiming to be from Gong via other sources should be ignored.

Gong is an equal-opportunity employer. We believe that diversity is integral to our success, and do not discriminate based on race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, military status, genetic information, or any other basis protected by applicable law.

To review Gong's privacy policy, visit https://www.gong.io/gong-io-job-candidates-privacy-notice/ for more details.

#LI-NK1