Internal Auditor III

At Braze, we have found our people. We’re a genuinely approachable, exceptionally kind, and intensely passionate crew.

We seek to ignite that passion by setting high standards, championing teamwork, and creating work-life harmony as we collectively navigate rapid growth on a global scale while striving for greater equity and opportunity – inside and outside our organization.

To flourish here, you must be prepared to set a high bar for yourself and those around you. There is always a way to contribute: Acting with autonomy, having accountability and being open to new perspectives are essential to our continued success.

Our deep curiosity to learn and our eagerness to share diverse passions with others gives us balance and injects a one-of-a-kind vibrancy into our culture.

If you are driven to solve exhilarating challenges and have a bias toward action in the face of change, you will be empowered to make a real impact here, with a sharp and passionate team at your back. If Braze sounds like a place where you can thrive, we can’t wait to meet you.

As an Internal Auditor specializing in IT controls and SOX compliance, you will play a key role in evaluating and improving Braze’s internal control environment. You will conduct walkthroughs, perform control testing, and support remediation efforts across global operations and our evolving technology stack.

This position offers direct exposure to the systems and teams running our platform: from cloud infrastructure and DevOps pipelines to security controls and financial systems. You will also collaborate with global stakeholders, co-sourced providers, and external auditors.

WHAT YOU'LL DO

Planning & Scoping

• Assist in annual SOX and internal audit risk assessments to identify key financial and IT risks.
• Support audit scoping, control identification, and planning activities in collaboration with internal stakeholders and co-sourced partners.
• Participate in system implementation reviews and assess the control impact of planned changes.

Execution & Testing

• Perform SOX 404 walkthroughs and control effectiveness testing for business process and IT General Controls (access, change management, backup, operations).
• Conduct control testing across cloud infrastructure (e.g., AWS, GCP) and key SaaS platforms.
• Document testing results and maintain high-quality audit workpapers in line with internal and external audit standards.

Evaluation & Remediation

• Identify control deficiencies or process gaps, and support management in developing remediation plans.
• Track and validate remediation actions, ensuring control gaps are closed effectively and sustainably.
• Collaborate with IT, Finance, and Operations teams to assess control design and recommend process improvements.

Reporting & Communication

• Prepare clear and concise audit reports that summarize key findings, risks, and recommendations.
• Present results and insights to management and stakeholders in a structured, solution-oriented way.
• Support external auditor requests and provide timely documentation and testing evidence.

Continuous Improvement & Development

• Contribute to ongoing enhancements of audit programs, methodology, and use of automation or analytics.
• Leverage (or learn) tools such as SQL, Looker, PowerBI, or Alteryx to support control testing and risk analytics.
• Shadow infrastructure, DevOps, and data engineering teams to understand Braze’s architecture and the control implications of a high-scale SaaS environment.
• Stay current on audit frameworks (e.g., COSO, COBIT), regulatory guidance, and best practices.

WHAT YOU HAVE

Education & Foundational Knowledge

• Bachelor’s degree in Accounting, Finance, Information Systems, Computer Science, or a related discipline.
• Foundational understanding of internal controls, SOX 404 compliance, and common frameworks (e.g., COSO, COBIT, ISO 27001).
• Familiarity with IT General Controls (access, change management, backup/recovery, and operations) and business process controls.

Experience & Technical Exposure

• 0–3 years of relevant experience in internal audit, IT risk, public accounting, or a technology/SaaS environment (internships count as relevant experience).
• Exposure to cloud environments (AWS, GCP), SaaS platforms, or enterprise applications such as Workday, Netsuite, or Jira.
• Ability to document testing procedures, assess control effectiveness, and follow structured audit methodologies.
• Strong written and verbal communication skills; able to translate technical issues into clear, actionable findings.
• Comfortable interacting with technical and non-technical stakeholders across global teams.
• High attention to detail with the ability to manage multiple tasks and priorities in a dynamic environment.
• Proactive mindset with curiosity about technology, systems, and how they actually work behind the scenes.
• Strong problem-solving skills and the ability to follow an issue through to resolution.

Preferred Qualifications (Nice-to-Haves)

• Experience auditing or supporting controls in a SaaS or cloud-native environment.
• Familiarity with audit platforms (e.g., Workiva) or data tools (SQL, Alteryx, Looker, PowerBI).
• Knowledge of DevOps practices, CI/CD pipelines, infrastructure-as-code, or cloud-native architectures.
• Progress toward or interest in professional certifications (e.g., CISA, CIA, CPA, or equivalent).