Sr. IT Internal Controls / Northbrook, IL

We are seeking a highly motivated and experienced Senior IT Internal Controls. This person will play a key role in ensuring our IT systems and processes comply with regulations and industry best practices. A successful candidate will have experience designing, documenting, testing, and remediating IT internal controls for large public companies.

Work Experience:

• Minimum of 5-7 years of experience in IT internal controls, external audit, internal audit, or a related role.
• Experience designing, implementing, and/or testing IT general controls (i.e., SDLC, change management, access management, and interfaces/integrations).
• Experience designing SAP controls
• Experience using AuditBoard SOXHUB module
• Experience configuring and deploying modern GRC tools
• Experience auditing or consulting for a Big 4 firm
• Advanced skills in Excel and data analytical tools.
• Able to drive remediation and evidence gathering in a timely manner
• Excellent IT Audit documentation skills
• Thorough knowledge of SOX IT Compliance concepts

Certifications:

CISA, CISSP, CIA, CPA, CRISC, or CISM

Roles and Responsibilities:

• Support all aspects of IT compliance with internal control requirements, including designing, implementing, documenting, and testing IT controls and processes.
• Collaborate with IT, finance, and other cross-functional teams to identify and document key IT controls and processes that are subject to compliance.
• Create and maintain IT controls environment documentation (e.g., process flows, narratives, control matrices, role security matrices, etc.) by conducting walkthroughs, identifying relevant information, and documenting key details.
• Assess the impact of new business initiatives, system implementations, and IT policy changes on the IT internal controls environment. Provide guidance and training to support compliance.
• Conduct regular assessments and audits of IT internal controls to ensure compliance with requirements and identify any potential compliance risks or issues.
• Identify control gaps, evaluate risk, and develop corrective action plans to address deficiencies, enabling sustainable control processes.
• Develop and implement IT compliance policies, procedures, and guidelines to ensure adherence to regulations and industry standards.
• Support the timely delivery of necessary documentation and evidence to internal and external auditors.
• Support the selection, configuration, and adoption of GRC tools to facilitate IT internal controls initiatives.
• Execute or facilitate the execution of IT internal controls activities, where applicable.
• Suggest efficiencies and continuous improvement opportunities related to the IT internal controls program.
• Provide training on IT internal controls, as needed.
• Collaborate with cross-functional teams to develop, implement, and remediate IT internal controls.
• Monitor and report on control effectiveness and other program key performance indicators via metrics and dashboards.
• Stay current on changes to the IT internal controls regulatory environment and their impact to Customer.

Knowledge / Skills / Abilities:

• Familiarity with using modern GRC tools to effectively manage IT internal control execution and testing
• In-depth understanding of IT General Controls (i.e., Change Management, Access, IT Operations), SDLC, and application controls
• Knowledge of SOX audit scoping, testing, and sampling methodologies
• Experience developing and maintaining IT internal control documentation (e.g., risk control matrices, narratives, process flow diagrams, etc.)
• Familiarity with SOC 1 report reviews and documenting complementary user entity controls
• Knowledgeable on managing and mitigating segregation of duties violations

Education:

• Bachelor's degree in Information Technology, Information Security, Computer Science, Business, Accounting, or related field, or equivalent work experience