- To support & track all of the SOX work going on across teams
- Collaborate with cross-functional teams to identify key IT controls, document control narratives, and assess control effectiveness.
- Coordinate and process regular IT control testing to validate compliance with SOX requirements.
Risk Assessment:
- Collaborate with IT and business units to identify and assess IT-related risks that could impact financial reporting or operational effectiveness.
- Assist in evaluating the potential impact and likelihood of identified risks and prioritize mitigation efforts.
Policy and Procedure Development:
- Ensure alignment of IT processes with relevant regulations and standards, such as NIST, FFIEC, COSO, COBIT, and ITIL.
- Continuous Improvement:
- Identify opportunities for enhancing IT compliance processes and control effectiveness based on audit findings and industry trends.
- Provide recommendations for process enhancements and participate in their implementation.
Job Skills
- Knowledge of the Sarbanes-Oxley Act, IT General Controls, and relevant regulatory frameworks.
- Strong understanding of audit methodologies, risk assessment, and control evaluation.
- Experience working with IT and audit teams to ensure compliance and manage audit engagements.
- Proficiency in documenting processes, control narratives, and audit findings.
- Excellent analytical, problem-solving, and communication skills.
- Attention to detail and ability to work independently and collaboratively.
- Familiarity with ITIL, COBIT, COSO, and other relevant industry frameworks.
Work Experience
- 5+ years in a similar role.
- Nice to have: Professional certifications such as Certified in Risk and Information Systems Control (CRISC) Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) are advantageous.