The IT SOX Manager will play a vital role in advising the business on appropriate business process and IT controls. This is a hands-on role with one direct report and reports to the Director of SOX and Internal Controls. This is a unique opportunity to put your own stamp on the SOX Program as we transition from a co-source to an in-house model.
As part of the SOX and Internal Controls Team, the IT SOX Manager may also assist with the Business Process SOX Assessment and the establishment of the Internal Audit function.
Plan, coordinate, and execute all phases of IT SOX compliance.
- Update the IT scoping and risk assessment.
- Update SOX documentation, including risk and controls matrices and process flowcharts, and evaluate controls as new systems are developed or processes change.
- Ensure that IT controls are properly designed for all in scope processes and global entities.
- Perform ITGC testing including design & operating effectiveness testing, remediation testwork, and rollforward testing.
- Review workpapers of the IT SOX Team.
- Advise on best practice automation of business controls.
- Provide technical guidance and advice to control owners for remediation of IT-related internal control gaps.
- Ensure any IT-related internal control gaps are remediated and re-tested by year-end.
- Track and monitor overall ITGC SOX assessment status for monthly and quarterly reporting to senior management. Ensure all ITGC SOX deliverables and deadlines are met.
- Coordinate with external auditors on the annual SOX testing plan.
- Provide internal controls training to control owners.
- Perform limited assurance internal controls testing at non-SOX entities.
- Mentor and develop talent of the IT SOX Team.
New System Implementation
Liaise with system implementation teams and ensure that:
- A proper audit trail is being maintained for the system development life cycle.
- Application and general computer controls are fully compliant, automated, and aligned to best practice.
- Big 4 external or internal audit background with a strong focus on SOX ITGC's.
- Solid understanding of SOX and internal control concepts (e.g., COSO, COBIT, ITIL, ISO 27001).
- Strong written and inter-personal skills.
- Multi-client, commerce experience.
- Proven ability to lead audits and manage audit teams.
- Advanced Excel and Visio skills.
- International experience.
- Workday ERP experience.
- Experience of using data analytics tools to support computer assisted audit techniques (e.g., ACL or SAS).
- Tech industry experience.
Education and Qualifications
- CISA, ACA, or equivalent certification.
- Degree in computer science or combined with a finance/accounting/business degree.