This role will be a part of _Operations Excellence__ function and _Tech Excellence_ team, and will report to __(Sr. Manager – Service Delivery)__. The Audit Specialist for SOX Compliance will work on SOX-related IT applications, focusing on Access Management, Change Management, Segregation of Duties (SOD), and remediation of deficiencies identified by internal and external audits. The role requires a strong understanding of SOX requirements, IT controls, and audit methodologies, as well as the ability to implement corrective actions to ensure compliance and mitigate risks.
Responsibilities & Accountabilities:
- Perform the compliance efforts for SOX-relevant IT applications, ensuring adherence to established SOX requirements and internal control frameworks.
- Be hands on with the access management process, including the implementation and review of user access controls to ensure proper segregation of duties and minimize unauthorized access.
- Data Security (data scanning, data security posture management, etc), Global Security Operations Center (threat detection), Software/resource visibility, Vulnerability Management(High or Critical issues), Identity & Entitlements assessments/issues, Misconfiguration
- Conduct periodic user access reviews for SOX in-scope applications and address any identified deficiencies
- Ensure that all changes comply with SOX requirements and that any deviations are identified and remediated.
- Evaluate and enforce SOD controls within IT applications to prevent conflicts of interest and reduce the risk of fraud or errors.
- Identify and assess IT deficiencies reported by internal and external auditors, particularly those related to SOX compliance.
- Develop and implement remediation plans to address identified deficiencies, ensuring timely resolution and communication with relevant stakeholders.
- Serve as the primary point of contact for SOX-related audits, coordinating with internal and external auditors to facilitate audit activities.
- Continuously assess and improve IT controls, processes, and procedures to enhance SOX compliance and reduce the likelihood of deficiencies.
- Stay up-to-date with regulatory changes, industry best practices, and emerging risks to ensure the organization’s SOX compliance framework remains effective.
- Provide training and guidance to IT and business teams on SOX compliance requirements and best practices.
- Assist in preparing audit reports, findings, and remediation plans that will be presented to Director/senior management and audit committees.
Qualifications
Basic Qualifications
- Minimum of 3 years of hands-on experience in IT audit, SOX compliance, or a related field
- Strong knowledge of SOX requirements, IT general controls, and audit methodologies.
- Experience with audit tools (Audit dashboard) and software, as well as ERP systems, is a plus.
- Excellent communication and presentation skills
Preferred Qualifications
- Professional certifications such as CPA, CIA, CISA, or equivalent are highly desirable.
