Key skills
AnalyticsLeadershipStakeholder ManagementRisk ManagementChange ManagementCommunication
About this role
Role Overview
- Identify, evaluate, and prioritize IT risks across OpenTable’s operations.
- Oversee regular risk assessments and control certification/validation activities.
- Monitor emerging IT risks and propose mitigation strategies.
- Lead the design and implementation of internal controls over technology systems and processes, particularly those supporting financial reporting (e.g., SOX compliance).
- Guide teams in the execution of user access reviews, segregation of duties monitoring, change management controls, and other standard IT controls.
- Maintain documentation of controls, processes, and evidence required for internal and external audits.
- Manage quarterly and annual control certification and user access review cycles.
- Serve as a liaison between IT, the Finance organization, and external auditors.
- Support ITGC (IT General Controls) management testing.
- Investigate any identified control deficiencies, oversee remediation efforts, and work to strengthen and automate internal controls as appropriate.
- Continuously improve risk management processes using technology, analytics, and cross-functional input.
- Partner with cross-functional leaders at OpenTable, supporting business objectives while ensuring a risk-aware culture.
- Present risk and control status updates to senior leadership as needed.
- Develop and maintain IT risk management policies, control standards, and governance frameworks.
- Ensure alignment with Booking Holdings (BKNG) group policies and broader compliance requirements.
Requirements
- Bachelor’s degree (or above) in IT, Engineering, or Accounting/Finance.
- 7+ years of progressive experience coordinating IT SOX compliance activities and maintaining IT Risk and Control Matrices/Frameworks.
- Leadership experience in IT risk management, audit, compliance, or a related field.
- Deep knowledge of internal controls over financial reporting, information security, and regulatory standards (e.g., SOX, COSO, COBIT, NIST).
- Strong analytical, communication, and stakeholder management skills.
- Experience working with auditors and managing audit processes.
- Ability to collaborate with both technical and non-technical stakeholders.
- Professional certifications (such as CISA, CISSP, CRISC, CIA, or similar) preferred.
- Experience in Big 4 Accounting/Professional Services is preferred.
Benefits
- Work from (almost) anywhere for up to 20 days per year
- Focus on mental health and well-being:
- Company-paid therapy sessions through SpringHealth
- Company-paid subscription to Headspace
- Annual company-wide week off a year
- the whole team fully recharges (and returns without a pile-up of work!)
- Paid parental leave
- Generous paid vacation + time off for your birthday
- Paid volunteer time
- Focus on your career growth:
- Development Dollars
- Leadership development
- Access to thousands of on-demand e-learnings
- Travel Discounts
- Employee Resource Groups
- 20 days of paid time off
- Private health and dental insurance
- Life and Disability insurance