The Senior SOX Compliance Analyst is responsible for ensuring the effectiveness of internal IT general controls (ITGC) over financial reporting in accordance with the Sarbanes-Oxley Act (SOX). This role involves supporting the design and implementation of ITGC and performing controls testing. The ideal candidate will have experience in IT compliance, with excellent analytical and communication skills.
Key Responsibilities
Lead the planning, execution, and documentation of SOX compliance activities, including risk assessments, control testing, and remediation efforts.
Assist with other internal and external cybersecurity and IT audits as required.
Evaluate the design and operating effectiveness of IT controls over financial reporting and ensuring compliance with SOX requirements.
Conduct risk assessments to identify potential areas of risk and recommend improvements to mitigate those risks.
Perform detailed testing of key controls, document results, and identify control deficiencies. Work with process owners to develop and implement remediation plans.
Maintain comprehensive documentation of SOX compliance activities, including process narratives, flowcharts, risk matrices, and testing results.
Collaborate with cross-functional teams, including finance, IT, and operations, to ensure a comprehensive understanding of business processes and controls.
Provide training and guidance to process owners and control performers on SOX compliance requirements and best practices.
Identify opportunities for process improvements and automation to enhance the efficiency and effectiveness of the SOX compliance program.
Qualifications:
Bachelor s degree in information technology, accounting, finance, business Administration, or a related field.
8+ years of experience in IT auditing, with a focus on SOX compliance and internal controls.
Strong understanding of SOX requirements, internal control frameworks, and auditing standards.
Experience with other IT control frameworks such as NIST CSF, ISO 27001 is a plus.
Strong verbal and written communication skills, with the ability to effectively communicate with all levels of the organization.