IT Controls Senior Analyst

SOX, COSO 2013, COBIT, ISO, CMM, ITIL, PCI, NIST, SSAE 18 SOC, CISA, CISSP, CISM is required. Audit experience in Windows, Unix, Oracle, Exadata, Support and manage IT General Control (ITGC)
Full Time, Contract W2, 6 Months
Depends On Experience
Telecommuting not available Travel not required

Job Description

GC and Citizen, TN Visa's please apply, no sponsorship is available

The ITControls Senior Analyst will primarily be responsible to: 1. Support and manage IT General Control (ITGC)risk assessment projects for new IT SOX in-scope systems with IT businesspartners.a. Example Deliverables include:i. Risk and Control Matrixii. Control Frameworkiii. List of gaps/issues, recommendations,implementation plans with due datesiv. Process/control narratives, Process mapv. Infrastructure detail filevi. Walkthroughs of new key controls2. Assisting in preparation and maintenance ofexisting IT SOX process documentation (process narratives, flow charts,risk/control matrices, etc.) with IT business partners. 3. Assist in assigned ad-hoc IT SOX complianceor activities which may be more business or cross-functionally focused.4. Assist with the development and updating ofIT SOX training programs

The ITControls Senior Analyst will primarily be responsible to help build awarenessand reinforce the importance of a strong internal controls environment bypartnering with the Company's IT department to support and manage IT internalcontrol assessments, provide recommendations and guidance to IT controlowners/business partners, and assist with internal and external IT auditactivities for the Company's annual SOX 404 compliance activities (IT generaland application controls). The IT Controls Senior Analyst will work within thegeneral guidelines provided by the Director, Global Internal Controls and theManager, IT Global Internal Controls.Assist with overall SOX governance programthrough:a. Performing ITGC and risk assessment projectson new systems coming into SOX scope. i. Identify gaps against the ITGC baseline,recommend ways to remediate gaps, design controls that will mitigate the risk,and documenting new/modified IT general controls (ITGCs) and IT applicationcontrols through performance of ITGC and risk assessment projects.b. Assisting in preparation and maintenance ofIT SOX process documentation (process narratives, flow charts, risk/controlmatrices, etc.) with IT business partners in accordance with the higheststandard.c. Assist with the development of internalcontrols and IT SOX training programs. d. Assist in ad-hoc IT SOX compliance andactivities including by not limited to management walkthroughs, testing,follow-up on open items, remediation efforts, and documentation updates, etc.,utilizing sound judgment to identify and assess risk, strategic risk coverage,materiality, adequacy of audit evidence, and the significance of findings.



  1. 2. Experience with large publicly-traded,international companies subject to SOX requirements is required.3. Theoretical knowledge and practicalapplication of major risk and IT control frameworks and IT industry standards(e.g., COSO 2013, COBIT, ISO, CMM, ITIL, PCI, NIST, SSAE 18 SOC, etc.) isrequired.4. Advanced knowledge and experience inidentification, auditing, design, and operating effectiveness of IT generalcontrols and application controls is required.5. Robust project management skills; provenability to manage multiple projects, work effectively with cross-functionalpartners and drive process improvement initiatives across the organization isrequired.6. Intermediary to advanced skills in MS Officeproducts (Excel, Word, Powerpoint, Visio, at a minimum) is required.Education/Certifications: 1. Bachelor's Degree in accounting, managementinformation systems, computer sciences, or equivalent combination of education,audit training, and years of experience is required.2. Certifications in IT compliance standards(e.g., CISA, CISSP, CISM) is required.3. Other relevant professional certificationsuch as Certified Public Accountant (CPA), Certified Internal Auditor (CIA) orCertified Fraud Examiner (CFE) is a plus.4. Master's degree in relevant IT or businessarea is a plus.Mandatory Technical Skills1. Excellent understanding of IT GeneralControls and risks across a broad variety of systems.2. Ability to apply risk & controlsknowledge & theory to a variety of scenarios.3. Strong business acumen, critical thinking,problem-solving, analytical skills, attention to detail, and is a self-starter.Nice to have technical skills:1. Working knowledge of major businesscycles/process flows/controls in SAP modules (or equivalent ERP system) is adistinct plus.2. Audit knowledge and experience with variousoperating system and database platforms (e.g. Windows, Unix, Oracle, Exadata,etc.) is a distinct plus.Soft Skills: 1. Polished communication skills is requiredincluding:1. Ability to interact, influence withoutauthority with employees and leaders across different business areas 2. Ability to communicate compliance and ITtechnical requirements into relevant and understandable terms for IT andbusiness personnel and vice versa for IT personnel.3. Strong presentation skills, both written andverbal, to management2. Strong organizational change management,planning and project management skills. Proven ability in driving multifaceted,cross-functional projects 3. Ability to work independently and comfortableadapting to frequently shifting priorities as decisions are made daily tosupport and strengthen the control environment.


Posted By

Jay Johnson

Dice Id : 10123255
Position Id : JAYGRAANT1
Have a Job? Post it