Summary
Responsible for identifying, documenting, and assessing IT application controls and formalizing IT General Controls to support SOX compliance. Also responsible for executing certain controls. Works closely with IT, business process owners, and external auditors to ensure controls meet regulatory requirements and are operating effectively.
Key Responsibilities
- Identify key IT application controls related to financial reporting systems based on business process walkthroughs (e.g., input, processing, output, interface, and access controls).
- Define and formalize IT General Controls across key areas: access management, change management, IT operations, and system development lifecycle.
- Perform walkthroughs and risk assessments to ensure controls are designed effectively.
- Maintain control documentation and ensure alignment with SOX and internal policies.
- Collaborate with auditors during testing and remediation cycles.
- Track control deficiencies and support remediation efforts with control owners.
- Monitor and evaluate changes in systems and processes that may impact SOX compliance.
- Assist in continuous improvement of the IT control framework to address emerging risks and automation opportunities.
Qualifications
- 35 years of experience in IT audit, IT compliance, or SOX IT controls.
- Solid understanding of SOX requirements, ITGCs, and application control principles.
- Experience with Workday a plus
- IT risk frameworks (e.g., COBIT, NIST).
- Experience creating user role definitions
- Strong analytical, documentation, and communication skills.
Preferred
- Top accounting firm experience as an IT Auditor, Audit board experience
- Experience working in a public company environment or with external auditors.