The successful candidate will be an experienced leader responsible for owning and operating the IT SOX Controls framework.
The designation will be based on the candidate's level of experience, skillsets, and qualifications.
Job:
- Independently lead the implementation of the IT SOX Compliance Framework, including the ownership of Risk Control Matrix (RCM), to ensure compliance with Sarbanes-Oxley Act (SOX) requirements and other relevant regulations.
- Evaluate Internal Controls (ITGC and ITAC) as per various compliance standards and frameworks such as SOX, COSO etc.
- Collaborate with IT and Business stakeholders to identify key IT controls, conduct walkthroughs with them and assess design and operating effectiveness of Internal Controls.
- Conduct risk assessments to identify and prioritize IT-related risks to financial reporting and develop strategies to mitigate risks through the implementation of effective control measures.
- Facilitate the IT SOX Audits by coordinating with internal and external auditors, which includes engaging in scoping, planning the audits, delivering workpapers that meet audit standards, and ensuring timely resolution of audit findings.
- Provide guidance to Management on remediation efforts required for addressing the control deficiencies. Collaborate with relevant stakeholders to conduct the root cause analysis, develop and implement remediation plans, monitor progress, and ensure timely resolution of deficiencies to strengthen the control environment and mitigate risks to financial reporting.
- Review the SOC reports (SSAE 18 reports for all third-party service providers used by the IT team) and assess whether the exceptions identified in these SOC Reports have been addressed by the vendors.
- Foster a culture of compliance awareness and accountability within the organization.
- Stay up to date with regulatory changes, emerging risks, and industry trends related to SOX compliance and SEC Regulations, and proactively recommend enhancements to the Management.
- Identify and assess the financial risks associated with adding new applications, systems, databases, or changes made to existing processes.
- Conduct the Key report testing for both external and in-house applications.
- Assist with audit procedures to drive continuous monitoring and assurance activities.
Required Qualification:
- Bachelor's degree/Master's Degree in Information Technology, Accounting, Finance, or related field.
- Professional certifications in IT audits - CISA and ISO27001 LA are required.
Required Skills:
- 6+ years of experience in IT risk advisory, with a focus on Sarbanes-Oxley (SOX) compliance within a publicly traded company or Big 4 audit firm.
- Strong understanding of IT governance frameworks, control frameworks (e.g., COSO, COBIT), and regulatory requirements (e.g., Sarbanes-Oxley Act, SEC regulations) pertaining to IT controls.
- Strong technical IT auditing skills and ability to understand a complex environment of in-scope applications and various technology platforms.
- Excellent leadership, communication, and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and senior management.
- Excellent written and verbal communication skills and a high level of personal integrity.
- Ability to work independently, deliver high quality output under time pressure and prioritize competing workloads.
- Ability to co-operate and influence within teams of different cultures.
- Strong problem solving & organization skills.
Desired Skills:
- Experience in conducting ISO27001 Audits.
- Knowledge of ERP Applications, NetSuite and UKG-Ultipro in particular.