IT Internal Controls Analyst

About The Position

Requirements

• Bachelor's Degree in Information Technology or Accounting is required.
• Three to five years' experience in IT audit, security, or a related role is required.
• Knowledge of internal control concepts, especially related to Sarbanes-Oxley Act and Service Organizations is required.
• Knowledge of and ability to apply internal controls and best practices.
• Detailed understanding of IT terminology, common practices and managed processes, including technology architecture, network security, system provisioning, configuration management, performance monitoring, incident management, change management, user access management, disaster recovery, etc.
• Knowledge of and skill in applying technology control and risk assessment related frameworks (i.e. COSO).
• Knowledge of industry program policies, procedures, regulations, and laws.
• Experience in performing control risk assessments.
• Skilled in planning and project management to meet multiple deadlines while working on multiple activities.
• Skilled in collecting and analyzing complex data, evaluating information and systems and drawing logical conclusions.
• Skilled in effective verbal and written communications, including active listening skills and effectively presenting recommendations.
• Skilled in negotiating issues and resolving problems.
• Ability to establish and maintain professional working relationships with co-workers, contractors, and other external contacts to work effectively in a professional team environment.

Nice To Haves

• Certification as a CIA, CPA, CISA, or CRISC is preferred.

Responsibilities

• Assists with ongoing evaluations of the control environment for appropriate design by working with operational functions and auditors.
• Applies knowledge of ITGCs to assist with control risk assessments and works with management to evolve the control environment in response to those risks.
• Assists management in performing risk assessment procedures for both control and IT processes.
• Assists in implementing the design of control functions for new applications.
• Stays abreast of regulatory developments impacting the Company, especially in relation to SEC requirements across IT and assists with providing training to management accordingly.
• Reviews the documentation of control owners across the IT organization and provides feedback to control owners on strengths and weaknesses.
• Assists the IT organization in developing management review plans, designs controls, and provides timely communication to management on status and results.
• Partners with the internal audit function and external auditors to help facilitate successful control testing outcomes and risk assessments.

Benefits

• Generous paid time off
• Top-tier medical, dental and vision benefits
• Health & wellness support
• Paid volunteer hours
• Continuous learning programs
• Mentorship opportunities
• Ongoing training