Overview
Remote
On Site
Full Time
Skills
Internal Control
Auditing
Design Documentation
Internal Auditing
Testing
PS
PostScript
Flowchart
Risk Assessment
Collaboration
Finance
IT Audit
Cyber Security
Regulatory Compliance
FOCUS
Sarbanes-Oxley
CISA
CISSP
COBIT
SailPoint
EMC RSA Archer
ServiceNow
SAP GRC
Project Management
Documentation
Communication
Microsoft Excel
Data Analysis
Microsoft PowerPoint
Presentations
Management
Supervision
Job Details
PURPOSE:
We're seeking a Senior GRC Analyst with deep experience in SOX controls to strengthen our Governance, Risk, and Compliance program. This role will ensure our internal controls meet SOX requirements, support audits, and work cross-functionally to manage IT and security compliance risks.
JOB RESPONSIBILITIES:
JOB REQUIREMENTS:
PHYSICAL ENVIRONMENT/ DEMANDS:
The above statements are intended to describe the general nature of the work performed by the employees assigned to this job. All employees must comply with Company policy and applicable laws. The responsibilities, duties, and skills required of personnel so classified may vary within each department and/or location.
All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, national origin, disability, or protected veteran status. UNFI is an Equal Opportunity employer committed to creating an inclusive and respectful environment for all. - M/F/Veteran/Disability. VEVRAA Federal Contractor.
We're seeking a Senior GRC Analyst with deep experience in SOX controls to strengthen our Governance, Risk, and Compliance program. This role will ensure our internal controls meet SOX requirements, support audits, and work cross-functionally to manage IT and security compliance risks.
JOB RESPONSIBILITIES:
- Own and manage IT SOX controls, including design, documentation, testing, and remediation.
- Partner with internal audit and external auditors to coordinate walkthroughs, evidence collection, and control testing.
- Identify gaps or deficiencies in controls and drive remediation plans to closure.
- Develop and maintain risk and control matrices (RCMs) and process documentation (P&Ps, flowcharts, etc.)
- Support enterprise risk assessments and compliance reviews across IT systems and processes.
- Collaborate with security, infrastructure, finance, and application teams to embed controls in daily operations.
- Monitor regulatory changes and best practices related to SOX and IT compliance.
JOB REQUIREMENTS:
- 5+ years of experience in GRC, IT audit, or cybersecurity compliance, with a strong focus on SOX.
- CISA, CISSP, or similar certifications preferred.
- In-depth knowledge of ITGCs, application controls, and relevant frameworks (COBIT, NIST, COSO).
- Familiarity with tools like Sailpoint, Archer, or ServiceNow GRC.
- Strong project management, documentation, and communication skills.
- Proficiency with Excel (advanced functions, data analysis) and PowerPoint (executive-level presentations).
- Good judgment is required for this position as there may be times when direct supervision may not be immediately available.
PHYSICAL ENVIRONMENT/ DEMANDS:
- Some travel may be required.
The above statements are intended to describe the general nature of the work performed by the employees assigned to this job. All employees must comply with Company policy and applicable laws. The responsibilities, duties, and skills required of personnel so classified may vary within each department and/or location.
All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, national origin, disability, or protected veteran status. UNFI is an Equal Opportunity employer committed to creating an inclusive and respectful environment for all. - M/F/Veteran/Disability. VEVRAA Federal Contractor.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.