Staff Information Security Auditor

The Internal Audit team's mission is to call attention to risks and drive actions to address those risks to protect Tesla. The team partners with IT, Engineering, and Information Security/Privacy groups to identify areas of risk and make valuable recommendations on standardization of processes and controls.

Tesla is seeking an experienced information security auditor to plan, execute, lead, and report on operational, information security, and technical transformation audits. This position is responsible for leading complex activities associated with completing internal audits, as well as performing other short-term projects to provide recommendations on standardizing controls within corporate, product, and manufacturing IT environments.

• Build and grow strong relationships with cross-functional teams (IT, InfoSec, GRC, Legal, Engineering)
• Lead and execute risk based IT audit plans, assessing systems, processes, and controls to ensure compliance with regulations and/or internal policies
• Interact extensively with cross functional teams and be comfortable executing projects in areas of product security, data security, vulnerability management, and end point security
• Take on complex challenges to drive risk assessments across IT systems, focusing on critical areas such as identity and access management (IAM), data protection, and incident response
• Deliver audit reports to senior leadership, translating complex technical risks into strategic, actionable insights with practical remediation plans
• Understand applicable laws and regulations to provide a point of view on audit requirements related to information security and privacy controls
• Utilize data analysis techniques and audit software to evaluate and monitor IT and operational risks

• 7 + years of IT Audit experience and/or related experience (Big 4, Information Security, GRC)
• Advanced understanding and demonstrated ability to assess the effectiveness of internal control in support of technology processes (e.g. change management, access security, computer operations, etc.)
• Strong project management, organizational, and communication skills to sustain work on multiple diverse projects (information security, product security, emerging tech evaluations, etc.)
• Familiarity and understanding of major professional audit frameworks, cybersecurity laws and regulations (NIST, IES 62443, ISO 27001, ITIL, COBIT, PCI-DSS, etc.)
• Bachelor's Degree in MIS, Computer Science, or related field or equivalent experience
• At least one professional certification such as CISA, CISSP, CISM or equivalent/applicable certification

Along with competitive pay, as a full-time Tesla employee, you are eligible for the following benefits at day 1 of hire:

• Medical plans > plan options with $0 payroll deduction
• Family-building, fertility, adoption and surrogacy benefits
• Dental (including orthodontic coverage) and vision plans, both have options with a $0 paycheck contribution
• Company Paid (Health Savings Accounts) HSA Contribution when enrolled in the High-Deductible medical plan with HSA
• Healthcare and Dependent Care Flexible Spending Accounts (FSA)
• 401(k) with employer match, Employee Stock Purchase Plans, and other financial benefits
• Company paid Basic Life, AD&D
• Short-term and long-term disability insurance (90 day waiting period)
• Employee Assistance Program
• Sick and Vacation time (Flex time for salary positions, Accrued hours for Hourly positions), and Paid Holidays
• Back-up childcare and parenting support resources
• Voluntary benefits to include: critical illness, hospital indemnity, accident insurance, theft & legal services, and pet insurance
• Weight Loss and Tobacco Cessation Programs
• Tesla Babies program
• Commuter benefits
• Employee discounts and perks program