IT SOX Compliance and Audit Lead Specialist

Who we Want

• Collaborative partners. People who build and leverage cross-functional relationships to bring together ideas, information, use cases, and industry analyses to develop best practices.
• Analytical problem solvers. People who go beyond just fixing to identify root causes, evaluate optimal solutions, and recommend comprehensive upgrades to prevent future issues.
• Goal-oriented: Keeping the customer and requirements squarely in focus, people who deliver safe and robust solutions. 
• Detail-oriented process improvers. Critical thinkers who naturally see opportunities to develop and optimize work processes – finding ways to simplify, standardize and automate.
• Dedicated achievers. People who thrive in a fast-paced environment and will stop at nothing to ensure a project is complete and meets regulations and expectations.

Assist the IT SOX Compliance team to ensure that processes and associated controls for IT SOX compliance (ITGCs) are managed and assessed for effectiveness to reduce overall compliance risk across the global IT organization.

What you will do

• Assist the Global IT SOX Compliance team in establishing and standardizing SOX compliance and IT general controls.
• Ensure that SOX controls across the global IT organization are in place, managed and effective.
• Execute and/or provide oversight of IT General Controls and Application Controls for in-scope SOX systems, including control monitoring and reporting results of monitoring to IT senior management.
• Work with control owners to resolve any potential issues before formal audits.
• Establish key metrics/status report to management team on a periodic basis; metrics/status to include compliance review execution results, general audit activity metrics, management action plan status, special projects status, and other key metrics as deemed appropriate.  
• Assist control owners in development/refinement of narratives/procedures associated with their controls.
• Partner with Internal and External Audit to ensure that IT controls meet expectations and appropriately address risk.
• Coordinate audit facilitation and support for the audits within the global IT organization.
• Ensure that internal and external audits for SOX compliance are executed efficiently and drive completion of action plans for audit findings.
• Coordinate with Internal Audit on the preparation and communication of audit remediation work.
• Track and monitor implementation of management action plans (MAPs) and monitor remediation according to agreed-upon schedule.
• Perform compliance assessments for IT projects to determine SOX impact.
• Provide training and coaching to IT staff regarding areas of IT SOX compliance risks and related controls.
• Keep current on emerging IT risks and IT relevant topics.

What you need

Required:

• Minimum 4 years of auditing experience, including planning, executing, reporting, and hosting/facilitating
• A thorough understanding of SOX 404 and IT General Control principles and practices
• Experience with ERP systems (e.g., Oracle, JD Edwards, iSeries, SAP)
• Experience designing and establishing IT SOX controls

 Preferred:

• Experience in a regulated industry (e.g., Life Sciences, Medical Device, Finance)
• Knowledge of industry standard frameworks (e.g., ISO 9001/27001/20000, COBIT, COSO)
• Other auditor qualifications (e.g., ISO Lead Auditor, ASQ, CISA)