Provides inputs and support across all phases of the Company's ongoing IT SOX compliance efforts from planning through reporting, in compliance with NIST standards.
Assists in company-wide and technology/application-specific risk assessments to evaluate and address any impact the results may have on the control environment.
Updates and continually validates documentation of the control environment (e.g., process flows, control matrices, system diagrams, role security matrices, etc.), ensuring it is kept current.
Collaborates with Internal & External audit teams and SOX Compliance teams to evaluate IT system SOX scoping and address the impact of key applications relevant to the Company’s SOX environment.
Participates in or leads the design and implementation of efficient and effective IT controls across the organization.
Facilitates the root-cause determination and remediation of any exceptions with IT process/application owners in a timely manner.
Provides guidance for identifying processes and technology solutions to improve compliance and reduce workload, e.g. via automation.
Actively builds and manages relationships with Company stakeholders, while promoting the importance of compliance initiatives throughout the organization.
Supports process owners through training, reviewing, and providing guidance for their processes including, but not limited to, IT General Controls, IT Application Controls, IT Operations, Key Reports, and SOC Reporting.
Collaborates with internal/external auditors to facilitate meeting setup, ensure audit requests are completed, and ensure evidence is captured by control owners.
Provides summary results to senior management on progress, current issues, and key takeaways.
Requirements
Bachelor's degree in a business-related or IT-related field of concentration or equivalent combination of training and experience; advanced degree is a plus.
Five (5) years or more of related work experience with knowledge of SOX Compliance concepts, practices and procedures, and IT subject-matter proficiency (i.e., IT logical access, change management, operations, application controls); audit experience within public accounting and/or internal audit with IT focus is required (Big 4 is a plus).
Knowledge of IT / Information Security risks and controls principles.
Relevant professional certification is required, such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Security Controls (CRISC), etc.
Experience with controls design, controls, audit, or risk (i.e., IT controls testing, internal audits, operational audits, advisory/consulting/compliance).