Senior Analyst, Corporate IT SOX Audit

Role Overview

• Effectively perform and document IT SOX audit activities in accordance with professional standards and the organization’s audit methodology
• Execute testing and create work paper documentation
• Understand procedures, results and business impacts; and document and express such understanding in both written and verbal form
• Perform detailed review testing to analyze and validate information and provide constructive feedback to preparers to enhance the quality of testing work papers
• Demonstrate the ability to accurately document ITGC process workflows and data flows
• Create clear and accurate documentation and workflows of technology processes and test results and exceptions
• Work in a fast-paced, collaborative setting with cross-functional teams
• Lead individual project components and testing areas; oversee the work of more junior auditors and/or interns
• Independently collect facts, utilize strong analytical capabilities to recommend appropriate actions on complex matters, and effectively communicate status and results in a concise, timely manner
• Reports related audit findings to audit and business stakeholders
• Interacts with various levels of Internal Audit and business line management to resolve issues in a timely manner and to maintain effective communications
• Consider SOC reporting and other compliance impact for controls which are tested once and applied for other compliance purposes
• Meets administrative reporting requirements and supports department initiatives
• Demonstrates a commitment to integrity and the company code of conduct, and a respect for diversity and inclusion
• Contribute to overall Internal Audit Department team norms to promote a positive environment and improve team effectiveness
• Keep current of relevant technology developments and evolving IT risk areas

Requirements

• 2+ years’ experience in IT SOX Audit, IT SOX Compliance, Control Validation, Risk Assessment, or Risk Consultant role
• Ability to travel up to 10%
• Must be willing to work 8:00am-5:00pm EDT or CDT
• Professional designations such as CPA, CIA, CISA etc., or progress towards achieving such designations
• In-depth knowledge and understanding of Sarbanes Oxley regulation including its requirements, regulations, and implications for financial reporting and internal controls
• Prior experience in strategizing, planning, and developing technology audit project plans
• Familiarity with Cloud environments and data classification and protection concepts
• Knowledge in IT processes
• including applications and infrastructure, security and vulnerability assessments, change control, asset management, disaster recovery, data privacy, and IT risk assessment, automated control environments, cybersecurity best practices, cloud security controls etc.
• Familiarity with Information Risk Frameworks (NIST 800-53, COBIT 5, ISO/IEC 27001/2, HITRUST, PCI DSS)
• Good teamwork and collaboration skills
• Strong analytical and problem-solving abilities
• Ability to work independently and manage multiple priorities
• Detail-oriented with a high level of integrity and professionalism
• Practical knowledge of processes, risks, and internal controls.
• Bachelor's Degree or equivalent experience (HS diploma + 4 years relevant experience)

Tech Stack

• Cloud
• Cyber Security

Benefits

• Affordable medical plan options
• 401(k) plan (including matching company contributions)
• Employee stock purchase plan
• No-cost programs for all colleagues including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching
• Benefit solutions that address the different needs and preferences of our colleagues including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility