You will be scoping, developing and implementing global and regional IT SOX compliance processes, lead quarterly access reviews and develop and conduct SOX compliance training. You will also be responsible for conducting SOX Compliance readiness reviews within a specified region.
Main responsibilities of this position include:
- Working with IT process owners to perform walkthroughs of IT control documentation;
- To identify process inefficiencies and make recommendations for improvement;
- The review of IT policies vs. processes, and procedures developed by IT Teams;
- Monitoring remediation plans and assist IT process owners to ensure said plans are on track for completion enterprise-wide;
- Reviews existing IT compliance controls for regulatory updates and create communication learning program for the IT Teams as necessary to incorporate new requirements;
- Developing a compliance and gap analysis process for new IT organizations to help them comply with audit requirements;
- Working with Internal Control and Internal Audit to develop and maintain various internal and external audit and compliance schedules for Information Technology (IT);
- Applying COBIT5, COSO, ITILv3, Agile frameworks to remediation efforts; provides guidance to IT Compliance Director and Regional Managers in the re-engineering of processes and procedures in need of remediation;
- Liaising with Internal Audit as well as with auditors to facilitate the auditing process; and
- The design of compliance programs to ensure ongoing evaluation and validation of IT control effectiveness.
- Minimum of a Bachelor’s degree in Computer Science, Information Systems Management or Accounting; CISA, CISM, CGEIT, CISSP, CRISC professional certifications desirable;
- 5+ years of work experience in IT Audit, Compliance and/or Public Accounting. Experience in a large accounting firm with SEC Clients preferred;
- Knowledge and experience in compliance with Sarbanes-Oxley (SOX) IT General Controls regulation is required;
- Knowledge of other privacy, PCI & FERPA regulations desired; and
- Knowledge of process improvement and project management methodologies.