The Senior IT Auditor is a part of the Financial Compliance Group and is responsible for assessing the design of IT system controls for company’s SOX compliance program. The Sr. IT Auditor is also responsible for performing walkthroughs of new and remediated system controls, key reports and monitoring remediation of control deficiencies.
What you'll do in your role.
- Review control design and perform/oversee readiness reviews of IT controls over new systems. Work with IT and other departments to understand and assess the impact of new systems and changes to existing processes and systems.
- Assesses control design for application controls including automated controls, interface controls and key reports.
- Reviews third party audit reports (SOC1 reports) to evaluate effectiveness of vendor controls.
- Work with control owners and governance teams on deficiencies, evaluation of failed controls, and drive implementation of solutions.
- Maintain an excellent and efficient working relationship with external auditors.
- Consult with business partners to provide guidance for IT general controls, automated controls, key reports, and interface controls.
- Manage and perform the annual SOX scope and control rationalization efforts to ensure systems are appropriately included/excluded within the SOX compliance program.
- Responsible for managing the roll out of new guidance from external auditors related to IT controls.
- Provide ongoing training related to SOX and IT to process owners to help ensure understanding and ongoing compliance.
- Develop and maintain productive client relationships with IT and Engineering leadership.
- Accountable for follow-up on outstanding IT audit issues to ensure that corrective actions are implemented and working as planned.
- Provides guidance to and review the work of SOX IT auditors.
The experience you'll bring.
- 2-4 years of full-time experience in IT SOX auditing or related compliance consulting experience. Experience with a Big 4 accounting firm preferred.
- Experience working with IT and Security related control frameworks.
- Skill in collecting and analyzing complex data, evaluating information and systems, identifying risks and impacts, and drawing logical conclusions.
- Ability to manage multiple deadlines, and be accountable for overall SOX deliverable and execution.
- Considerable skill in evaluating control deficiencies and working cross functionally to drive remedial actions.
- Considerable skill in effective verbal and written communications, including active listening skills and skill in presenting issues, observations, and recommendations.
- Strong computer skills, including MS Office products (i.e. Word, Excel, PowerPoint), Visio for flowcharting, and other business software to prepare reports, memos, summaries and analyses.
- CISA or CISSP certification preferred.