IT SOX Manager

About The Position

Requirements

• Bachelor’s degree in Information Technology, Computer Science, or related field.
• 5+ years of experience in IT audit, compliance or risk management roles, with a strong knowledge of SOX requirements and control frameworks, such as COSO and COBIT, at a Big 4 and/or publicly traded company.
• Strong understanding of current IT SOX testing methodologies, risk assessment practices, latest PCAOB requirements, and their practical application in complex IT environments
• Advanced understanding of ITGCs and ITACs, including the ability to identify and evaluate key reports and interfaces critical to financial reporting and system integrity.
• Familiar with Oracle financials, legacy systems, cloud computing environments and associated compliance challenges.
• Minimum 3 years of experience supervising and managing professional staff.
• Leadership and project management skills with the ability to manage cross-functional teams and projects.
• Excellent communication and interpersonal skills to effectively interact with stakeholders at all levels.
• Strong problem solving and influencing skills to drive strategy and alignment globally.
• Strong work ethic and collaborative working style, coupled with a timely action-oriented mindset.
• Experience preparing and delivering executive-level presentations, with strong written and visual communication skills.

Nice To Haves

• Experience working in a global, multi-national environment is highly desirable
• Experience with compliance management software and GRC tools is preferred.
• CISA, CISSP, or CIA certification is highly preferred.
• Ability to travel internationally 20% of the time.

Responsibilities

• SOX Compliance Management Coordinate, oversee and enhance the IT SOX compliance program
• Hands-on managing and guiding internal and co-sourced team in executing SOX testing, including IT general controls (ITGCs), IT application controls (ITACs), key reports, information produced by entity (IPE), user access reviews and system and organization controls (SOC) reviews for consistency and quality across all testing activities
• Develop and monitor key IT SOX metrics and timelines
• Collaborate with external auditors and regulatory bodies during IT SOX audits and inspections
• Conduct risk assessments of in-scope applications, IT controls rationalization and optimization
• Support scoping conclusions and recommendations to both internal and external stakeholders
• Identify control gaps and develop remediation plans
• Collaborate with IT and business teams to implement risk mitigation strategies and foster a culture of compliance and accountability throughout the organization, emphasizing the importance of IT controls in maintaining financial integrity
• Serve as a technical resource on all IT SOX matters, providing reliable and insightful recommendations for implementing internal controls within IT processes
• Ensure appropriateness of IT SOX documentation, including narratives / process flows, risk control matrices and test plans, and evaluate / develop / refine controls as systems are upgraded or processes change
• Oversee IT testing for design & operating effectiveness and remediation test work
• Provide consultation support on IT control readiness for new initiatives, such as software development life cycle (SDLC) controls
• Prepare and present regular reports on the status of SOX compliance to leadership
• Oversee IT issue management and reporting by evaluating control deficiencies, assessing root causes, impact analyses, and recommending remediation activities to ensure remediation items are addressed according to action plans
• Communicate effectively with IT teams, business unit leaders, finance teams and external auditors and ensure timely remediation of any identified IT control deficiencies or weaknesses
• Develop and maintain dashboards for real-time monitoring of IT SOX compliance status
• Provide guidance and training on IT SOX compliance as needed
• Identify opportunities to streamline and automate compliance processes
• Stay updated with changes in SOX regulations, industry best practices, and emerging risks
• Leverage emerging technologies such as AI and machine learning to enhance compliance processes where applicable
• Continuously improve the efficiency and effectiveness of the IT SOX compliance program