Summary:
Evaluate SailPoint Identity Governance by auditing automated workflows from access provisioning, deprovisioning, and user access review, and validate the integrity of the data synchronized from source systems. Conduct end-to-end SOX SDLC testing for the SailPoint system. Conduct ITGC testing across domains including logical access, change management, computer operations, and program development, ensuring audit-ready work papers for each control.
Responsibilities:
- Design and execute IT Application Controls (ITAC) testing, including input controls, interface controls, processing controls, and output controls across key financial systems.
- Perform key report testing: validate report logic, identify report parameters, assess completeness and accuracy, and document evidence in accordance with SOX standards.
- Lead or participate in system walkthroughs with IT and business process owners to assess control design adequacy and identify gaps requiring remediation.
- Coordinate and communicate with external auditors (Big 4) to facilitate reliance on internal audit work and reduce overall audit burden.
- Track control deficiencies and open issues; work with control owners to monitor remediation and validate closure with sufficient evidence.
- Prepare, organize, and maintain high-quality audit work papers in AuditBoard (or equivalent GRC platform), ensuring documentation meets internal and external audit standards.
- Participate in process improvement initiatives to enhance the efficiency and effectiveness of the SOX program year over year.
- Flexibly support additional internal audit projects and operational audits as directed by the Internal Audit leadership team.
Requirements:
- Bachelor's degree in Information Systems, Computer Science, Accounting, Finance, or a related field.
- Minimum 6 years of experience in IT audit, with a strong foundation in SOX ITGC and ITAC testing.
- Mandatory SailPoint or Access Governance experience:
  - Hands-on auditing OR implementation experience in SailPoint Identity Governance, OR
  - Hands-on auditing or implementation of equivalent GLC / Access Governance tools (e.g., FastPass or similar tools).
- Mandatory Big 4 audit experience:
  - Experience must be in a Big 4 audit role.
  - Consulting, advisory, GDS, or internal audit-only backgrounds are not acceptable.
Required Skills:
- Demonstrated hands-on experience designing and executing ITGC and ITAC test procedures across a range of technology platforms and financial applications.
- Proven experience with key report testing methodology: validating report logic, parameters, completeness, and accuracy in a SOX context.
- Strong written and verbal communication skills, with the ability to clearly articulate issues, risks, and recommendations to technical and non-technical stakeholders alike.
- Highly organized and detail-oriented, with proven ability to manage multiple concurrent workstreams and meet firm deadlines in a dynamic environment.
- Unwavering integrity and the ability to handle confidential information with the highest level of professional discretion.
Preferred Skills:
- CISA, CIA, or equivalent professional certification preferred.
- Familiarity with AuditBoard or similar GRC platforms for documentation, workflow, and reporting.
- Experience creating process and data flow diagrams using Lucidchart or equivalent tools.
- Prior exposure to high-growth SaaS or technology companies, with the ability to navigate evolving control environments with limited supervision.
- Familiarity with COBIT or similar IT control frameworks as applied within a SOX program context.
# 26-03882