Role: IT SOX Compliance Lead
Location: Allentown, PA - Hybrid
Qualifications:
The vendor shall provide personnel who meet the following minimum qualifications:
10+ years of experience supporting enterprise IT SOX programs for fortune 500 companies.
Strong understanding of SOX requirements, control frameworks, and ITGCs.
Experience in authoring control narratives, performing SOX risk assessments, and testing controls.
Familiarity with SOC1 report review and disposition.
Excellent communication, analytical, and project management skills.
Strong attention to detail and organizational skills required.
Callouts:
Looking for a candidate who can help evaluate the overall effectiveness and efficiency of the IT SOX Compliance program and controls, who can help identify practical improvement areas to strengthen control execution and opportunities for automation.
Authoring Control Narratives
o Develop, maintain, and update detailed control narratives for ITGCs, application controls, and system development controls.
o Ensure documentation accurately reflects current control design and operating procedures.
o Collaborate with internal stakeholders to validate control narratives and address gaps.
Assessing New Applications for SOX Impact
o Evaluate new and existing IT systems and applications (including third-party solutions) to determine SOX relevance and impact.
o Conduct risk assessments and scoping determinations for in-scope applications.
o Recommend control requirements and remediation actions to ensure compliance with SOX and internal control over financial reporting (ICFR).
Review and Disposition of SOC1 Reports
o Partner with Control Owners to assist in the review of SOC1 (System and Organization Controls) reports for third-party service providers.
o Assess the adequacy of controls described in SOC1 reports and determine their impact on PPLs SOX compliance.
o Document findings and recommend actions for any identified gaps or deficiencies.
Control Testing and Remediation
o Perform testing of controls for operational effectiveness.
o Track and validate remediation of control deficiencies through to closure.
o Advise management on appropriate remedial actions and monitor progress.
Compliance and Reporting
o Provide periodic updates and reporting to management on SOX compliance status, control effectiveness, and remediation activities.
o Represent IT in meetings and communications with internal and external audit teams.
Continuous Improvement
o Identify and implement operational improvements to drive compliance, efficiency, and education in the IT SOX environment.
o Train and mentor IT control owners to help improve the quality and consistency of control evidence.
Collaboration and Knowledge Sharing
o Work closely with cross-functional teams to integrate security controls and processes into infrastructure and applications.
--
Asher Williams
Desk: 2o1.497.1o1o X:1o5 | Direct: 551.272.o129
asher (at) pullskill dot com
Never miss an opportunity! Create an alert based on the job you applied for.
