Director, IT Internal Audit & Controls

REAL (Nasdaq: REAX) is a publicly traded, fast-growing global real estate brokerage powered by technology and driven by people. Since our founding in 2014, we’ve been reimagining the residential real estate experience. With operations across the U.S., Canada, India, and the District of Columbia, we’re leading the industry with our cutting-edge platform that empowers agents, simplifies the buying and selling journey, and unlocks greater financial opportunities.

At Real, we believe in pairing Tech x Humanity to create something truly different.
Learn more at https://www.onereal.com/

Work Schedule: This position is required to work East Coast or Central Time business hours to ensure effective collaboration with our globally distributed teams.

Location Requirements: Candidates must be based in U.S. to be considered.

About the Role:

Real is seeking a Director, IT Internal Audit & Controls to join our Internal Audit & Controls team. Reporting to the Vice President of Internal Audit & Controls, you will play an integral role in supporting the development, continuous improvement and management of the Internal Audit & Controls program with an initial key focus on the development of internal audit and controls methodology as well as continuing our successful efforts to maintain and improve an effective Sarbanes-Oxley (“SOX”) Compliance program. The successful candidate is a motivated hands-on leader who possesses a blend of technical IT audit and SOX acumen, strategic thinking, practical execution abilities, strong project management and regulatory compliance skillsets. Your insights will be documented and conveyed through various comprehensive reports on the outcomes of your endeavors.

What You’ll Do:

• Collaborate with the Internal Audit & Controls team in developing and implementing the overall risk-based audit and controls strategy and methodology.

• Actively engage in the development and execution of the annual risk-based internal audit plan in alignment with the Company’s strategy and other objectives.

• Perform annual financial, operational, IT and fraud risk assessment activities.

• Manage the organization's SOX compliance program, ensuring adherence to regulatory requirements and best practices.

• Conduct periodic assessments and testing of internal controls to evaluate their effectiveness in addressing financial reporting, operational and IT risks.

• Orchestrate risk-based IT operational audits from inception to culmination, encompassing scoping, fieldwork, and the formulation of audit findings.

• Lead and conduct detailed, integrated IT risk-based audits and/or reviews of core financial and business operations IT systems and applications to assess performance, controls and compliance.

• Assess the company’s cybersecurity measures protecting sensitive customer data and financial transactions.

• Identify root cause(s) of inefficiencies and assist stakeholders in developing actionable recommendations that address the root cause(s).

• Communicate audit findings, recommendations, and risk exposures to stakeholders in a clear and concise manner on an ongoing basis, fostering understanding and collaboration.

• Collaborate with senior management and process owners across the organization to develop and implement corrective actions.

• Walkthrough significant IT processes and identify key financial reporting and IT control activities.

• Aid in developing foundational internal IT audit SOPs, KPIs and performance management navigator aligned to IIA best practices.

• Leverage data analytic and robotic process automation technology to enhance audit coverage, identify anomalies and improve audit effectiveness and efficiency.

• Skillfully manage multiple audit engagements concurrently, ensuring the identification and resolution of pertinent audit risks, timely completion of audits, and the effective communication of value-added/risk-centric insights to management.

• Proficiently lead, mentor and develop a high-performing and highly collaborative internal audit team, while competently managing and finalizing audits of varying intricacy within designated deadlines.

• Play a significant role in the development of Internal Audit and Controls team members to support their engagement as well as professional growth and goal achievement.

• Aid in preparing quarterly audit committee materials, managing audit engagement resources, and tracking remediation processes.

• Support special project engagements, as needed.
  

What You’ll Bring:

• Mix of external and internal audit and industry experience preferred.

• Demonstrated knowledge and practical application of internal audit and control strategies, methodologies and auditing standards, financial and operational risks and controls, as well as strong working knowledge of IIA standards, PCAOB standards, SEC regulations and COSO and ISACA Frameworks.

• Excellent concept and deep knowledge of Information Technology General Controls (ITGC); able to recognize significant control issues as well as the ability to recognize exposures in emerging risks.

• Strong understanding of IT SOX compliance requirements and experience managing IT SOX initiatives in a publicly traded company environment.

• Deep knowledge of internal audit principles, practices, and methodologies, as well as industry best practices and regulatory standards.

• Expertise in cybersecurity frameworks (e.g., NIST, SOC2 and COBIT) and IT governance principles.

• Exhibit strong analytical, problem-solving, and decision-making acumen.

• Demonstrate proficiency in project management and organizational competencies.

• Works well independently with minimal supervision with extensive latitude for innovative thinking and independent judgement.

• Excellent interpersonal skills and the ability to engage and collaborate with all levels of management, external auditors and all members of the Internal Audit & Controls team.

• Excellent verbal and written communication and presentation skills.

• Excellent analytical, problem-solving, and decision-making skills, with an initiative-taking approach to problem solving and the ability to think strategically and provide practical solutions to complex and novice issues.

• Strong MS Office skills.

Education & Experience:

• Bachelor’s degree in Information Systems/Technology, Accounting or a related field.

• Relevant certification(s) such as Certified Internal Auditor (CIA), Certified Public Accountant (CPA) or Certified Information Systems Auditor (CISA).

• Ten or more years of progressively advancing experience in supporting a company’s risk-based IT internal audit and SOX program; ideally with a mix of IT consulting, public accounting, and/or public company internal auditing.

• Minimum of six years in a leadership and/or supervisory role.

• Experience working in an organization with complex operational, IT and regulatory environments.

• Experience with Governance, Risk and Compliance (GRC) tools to manage, automate and measure audit and internal control objectives and projects.

• Experience with data analytic and/or robotic process automation (RPA) tools is a plus.

How We Work: Our Operating Principles

Our Operating Principles are the blueprint of Real’s culture. They guide how we show up, make decisions, and bring our mission to life every day:

• Be Agent Obsessed: We design every decision around creating value for our agents and their clients.

• Move Fast with Purpose: We act with urgency, clarity, and focus—without compromising our standards.

• Own Your Outcome: Effort matters, but results matter more. We adapt, learn, and improve.

• Be Bold; Challenge Often: We challenge assumptions, rethink “the usual,” and push for smarter, simpler solutions.

• Win Together: We set high standards, collaborate deeply, and celebrate shared success.

Our Commitment:

Real Broker LLC is proud to be an equal opportunity employer. We celebrate diversity and are committed to building an inclusive environment for all employees. We welcome applicants of all backgrounds and identities, and we do not discriminate on the basis of race, color, ancestry, religion, sex, sexual orientation, gender identity or expression, age, marital or family status, disability, citizenship, veteran status, or any other status protected by applicable law.