Sr. Director, SOX IT Compliance

About The Position

Requirements

• BA/BS in Computer Science, Management Information Systems and / or Accounting is required.
• CISA, CISM, CIA, CPA and/or a relative certification is required.
• 5+ years of experience in Public Accounting
• 12+ years of audit experience in SOX IT Compliance, IT Audit, or similar roles with deep hands-on knowledge of SOX and IT General Controls.
• Proven experience in managing the execution of an end-to-end SOX program.
• Strong project management with the ability to oversee complex programs.
• Excellent attention to detail and organizational skills are needed to effect change and prioritize deadlines.
• Able to work well under pressure and accustomed to project work with tight deadlines.
• Creative, self-starter, quick thinker, curious and dedicated individual who is eager to influence change within the organization.
• Strong analytical and problem-solving abilities, with demonstrated intellectual and analytical rigor.
• Team-oriented, collaborative, diplomatic and flexible.
• Strong written and verbal communication skills, strong interpersonal skills, and the ability to communicate effectively across regional and/or functional lines.
• Leads the IT controls integrations workstream for major System Development Life Cycle (SDLC) projects
• Familiarity with a variety of technologies, operating systems, databases, and reporting and data analytics tools.
• Ability to interact with external auditors and members of senior management to deliver expectations, scope, and communicate and interpret key audit priorities and issues, including PCAOB and AICPA trends.
• Working knowledge of basic financial accounting, auditing, and financial reporting concepts
• Comfortable in working in highly iterative and somewhat unstructured environment.
• Knowledge of and passion for media, entertainment, and technology industries (including key players, growth trends and drivers, new media models, industry structure, etc.)
• Subject matter expertise related to:
• IT General Controls
• SSAE 18 / SOC 1 / SOC 2
• Sarbanes-Oxley and PCAOB requirements
• IT risk assessment / operational IT audit
• IT Controls Frameworks (e.g., COBIT, ISO 27000, NIST)
• System Development Life Cycle (SDLC)
• Significant experience & expertise in several of the following:
• Microsoft software products (Outlook, Excel, Word, PowerPoint)
• GRC systems, preferably ServiceNow IRM and / or Onspring
• User Access Review automation, preferably Saviynt and / or SAP GRC
• ERPs, preferably SAP and Oracle EBS
• Cloud systems, preferably AWS, Azure, Workday, Salesforce, Snowflake
• Infrastructure layer security, such as Active Directory, Unix, Windows, HANA, DB2, SQL, Oracle

Nice To Haves

• Experience in media & entertainment.
• Familiarity with streaming and similar products/services.
• Experience working in a global company.
• Some visualization tool knowledge would be helpful (e.g., Power BI).
• Experience and involvement with implementing Identity Access Systems for an organization.
• Experience standing up a team and working for organization going through M&A.

Responsibilities

• Collaborates with key stakeholders to understand team needs and dependencies to better align ITGC processes.
• Assists in developing and executing a methodology to evaluate, prioritize and monitor the success of the ITGC processes.
• Accurately and clearly articulates strategic issues and provide relevant, logical options for solving them.
• Provides regular updates to the department management (SVP and EVP of Global Information and Content Security (GICS)) regarding the status of the SOX testing, the issues identified, and solutions to address the identified issues or deficiencies.
• Maintains current knowledge regarding changes to SOX compliance regulations and ensure that WBD adjusts methodologies in response to the changes by issuing guidance and instructions to the appropriate IT stakeholders and personnel. Determine and recommend changes to current controls to address requirement change or issues.
• Plays significant role in the implementation of major projects and initiatives related to auditing automation software and applications to manage governance tasks and SOX financial reporting functions.
• Owns the SOX IT Compliance enterprise program.
• Conducts SOX scoping and risk assessment activities.
• Assesses the impact of IT on business and finance processes.
• Manages multiple resources responsible for:
• Reviews remediation plans, activities and retesting for potential issues and process improvement opportunities.
• Reviews risks and controls for new system implementations and assesses the impact on SOX ITGCs.
• Oversees IT management's documentation updates and management assessments of all in-scope WBD IT processes based on SOX and audit requirement
• Serves as the principal interface with the external IT Audit function and the WBD Internal Audit functions regarding SOX ITGRC related matters.
• Performs the annual SOX 404 scoping exercise to determine if there are any changes to IT
• Reviews the results of access certifications of financially significant systems, including segregation of duties testing.
• Develops value-added relationships with process owners and make recommendations for process improvement.
• Oversees process reviews and identify opportunities for significant enhancements in operational efficiency, overall effectiveness, and identifiable benefits to the company.
• Challenges the status quo and bring effective ideas to enhance the SOX program.
• Drives efficiencies by seeking opportunities for centralization, globalization, and automation.
• Liaisons with Sr. Executives, process owners, internal auditors, external auditors, and other stakeholders; prepare business stakeholders for internal and external audit reviews.
• Ad-hoc projects as assigned.

Benefits

• health insurance coverage
• an employee wellness program
• life and disability insurance
• a retirement savings plan
• paid holidays and sick time and vacation