Sr. SOX IT Analyst

Qualifications

• 8+ years of experience in IT Audit, IT Compliance, or a related discipline, with direct SOX IT compliance experience.
• Bachelor’s degree in Business Administration, Accounting, Management Information Systems (MIS), Computer Science or related field; CISA, CISM, CRISC, CISSP or similar certifications preferred
• Strong understanding of internal control over financial reporting (ICOFR), risk assessment, IT General Controls (ITGC), and PCAOB expectations
• Demonstrated experience testing ITGCs for applications, operating systems, and databases and reviewing / validating the completeness and accuracy of audit evidence
• Attention to detail and quality, balanced with the ability to see the big picture and identify areas for process simplification.
• Ability to proactively look ahead, anticipate questions, independently assess risk, think critically and creatively to achieve the best outcome, and elevate issues to the right level internally and externally to resolve.
• Proven ability to work in a deadline-driven environment and handle multiple projects simultaneously
• Excellent interpersonal, written and verbal communications, presentation and influencing skills.
• Strong planning and project management skills

Responsibilities

• Manage and execute the IT SOX compliance program, including scoping, risk assessment, testing, and remediation activities.
• Identify and evaluate ITGCs across areas such as access controls, change management, system operations, and SDLC.
• Collaborate with control owners to ensure understanding, proper documentation, and implementation of IT control procedures.
• Perform walkthroughs and testing of controls for key financial systems and supporting infrastructure.
• Track, document, and communicate control deficiencies and remediation plans.
• Serve as a liaison between IT, internal audit, external auditors, and business process owners during SOX reviews.
• Assist with the development and maintenance of SOX documentation including risk/control matrices, process narratives, and flowcharts.
• Monitor and report on compliance status and risks to leadership through dashboards and reports.

Provide guidance on control design and process improvements to enhance the overall IT control environment.