IT SOX Internal Controls Analyst

About The Position

Requirements

• Bachelor's Degree (Information Management, MIS, Computer Science, Finance, Accounting or related combinations or degrees with business and technical mix).
• 1-3 years of relevant work experience; preferably with a public accounting firm, consulting audit firm, or internal audit.
• Minimum of 1 year of experience auditing information technology control processes
• Pursuing or has obtained professional certifications (CISA, CPA, or CIA preferred).
• Understanding of SOX.
• Understanding of IT risk and general information security concepts and technology infrastructure.
• Understanding of core IT general control processes (e.g., Information Security, Change Management, Software Development Lifecycle, IT Operations etc.).
• Knowledge of technical platforms, networks, security concepts, and data retrieval techniques.
• Proficiency in Microsoft Office: Excel, PowerBI, Visio, Word, PowerPoint, and Outlook.
• Dedication to ethical behavior and the ability to maintain objectivity.
• Goal oriented / Edge – Strives toward goals with decisiveness and determination. Demonstrates courage to take risks, demands excellence, and drives for results with speed. Faces into conflict, interacts with candor and addresses challenges with urgency.
• Integrity – Can be trusted to maintain financial integrity to the corporation, employees, and shareholders.
• Creativity – Strives for continuous and breakthrough improvement in business process and results; sets and encourages others to set continually higher goals; strives to achieve a best-practice approach; and takes and encourages others to take stands.
• Decision Making – Independently recognizes issues, problems, or opportunities, and determines whether action is needed; socializes ideas and judgmental decisions; is transparent and uses a risk-based approach when making tough calls.
• Elevates Performance – Accepts responsibility for outcomes of one’s work; admits and learns from mistakes; refocuses efforts when appropriate.
• Self-Awareness – Continually assesses and appreciates the impact of own behavior upon others and the environment; adjusts behavior based upon understanding of own impact and desired outcomes.

Nice To Haves

• public accounting experience is strongly preferred.
• Big-four audit experience strongly preferred.
• Experience in auditing/testing SAP is a plus.

Responsibilities

• Supports the annual in-scope applications assessment for the Sarbanes-Oxley (“SOX”) management testing scoping memo.
• Performs design and operating effectiveness testing for SOX IT General Controls (ITGC) with oversight.
• Completes detailed and quality work-papers that includes corroborative evidence to support management testing conclusions within the expected deadlines.
• Applies feedback or review comments from submitted work-papers and demonstrates continuous improvement in their documentation or testing.
• Communicates testing status and conclusions.
• Conducts ITGC walkthrough meetings (access security, IT operations, and change management) with control owners to understand the processes and gather evidence with support.
• Assists with key reports testing, critical spreadsheet testing, IPE governance, and special projects/assignments.
• Maintains strong relationships with GIS to ensure changes to the internal controls properly mitigate risks in an efficient manner
• Maintains stakeholders’ expectations while holding an independent view.
• Continuously accepts coaching in learning key management testing processes/testing framework/methodology.
• Provides information or facts to assist in drafting and communicating control deficiencies.
• Supports leader in partnering with GIS and owners of Service Organizations to implement ITGC’s, Complementary User Entity Controls, IPE best practices, and supports the assessment of SOC 1 Type II reports.