IT Audit & Compliance Program Manager

About The Position

Requirements

• Bachelor’s degree from an accredited college in accounting, finance, business administration, or a technology-related discipline (e.g., Computer Science, Engineering, Information Systems) or equivalent experience/combined education.
• 9-14 years of progressively responsible internal auditing, compliance, and enterprise risk management experience, including experience in SOX compliance and information security risk management.
• Experience working with compliance frameworks such as HIPAA, NIST 800-53, COBIT, ITIL, FISMA, and other industry standards.
• Possess one or more of the following industry-recognized security qualifications: CISA, CISM, CRISC, or CISSP.
• Strong understanding of SOX requirements and IT general controls (ITGCs).
• Awareness of common exploits, vulnerabilities, and methods to prevent them.
• Proven ability to assess and mitigate IT risks and implement effective controls.
• Excellent written and verbal communication skills, with the ability to prepare detailed audit reports and present findings to senior management.
• Must be able to successfully pass a National Agency Check with Inquiries (NACI) background investigation.

Responsibilities

• SOX Audit Leadership: Lead efforts to ensure compliance with Sarbanes-Oxley (SOX) requirements, including the design, implementation, and testing of IT controls related to financial reporting.
• Risk Management: Develop and implement risk management strategies to identify, assess, and mitigate IT-related and other enterprise risks across the organization.
• Internal IT Audits: Plan, manage, and conduct internal audits, prepare written reports of audit findings. Evaluate systems and procedures to ensure compliance with sound management practices, IT department controls, and risk frameworks.
• Control Design and Effectiveness: Assess the reliability and quality of IT controls, accounting systems, and reporting systems. Develop and implement internal control procedures to address weaknesses and ensure compliance with legal and regulatory requirements.
• IT Audit Documentation: Prepare audit work papers in accordance with generally accepted auditing standards. Document performance through narrative reports, flow charts, and spreadsheets. Prepare audit reports identifying strengths, weaknesses, findings, and recommendations.
• External IT Audit Coordination: Oversee and coordinate audits conducted by external auditors, including SOX audits. Prepare RFPs and resulting contracts for services and serve as liaison during the audit process.
• Collaboration with IT: Work closely with the Information Technology Department to develop audit programs, determine scope, and establish approaches to conducting audits within constraints of time and staff availability.
• Compliance Management: Manage, track, and report on compliance with industry standards and regulations, including HIPAA, NIST 800-53, FISMA, and SOX.
• Risk Assessment and Reporting: Manage, track, and provide regular updates to senior management on risk exposure, audit findings, and compliance status.

Benefits

• Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement.