IT SOX Manager

IT SOX Manager

Location: Miami FL | Orlando, FL | Norwalk, CT | Red Bank, NJ [Fully onsite, M-F]

Job Type: Full-time
 

Job Overview: 

The IT SOX Manager will support the Director, Internal Controls and Audit with building the SOX compliance program, overseeing risk assessments, scoping, controls optimization and related test work. This role includes hands-on management of internal and external partners in executing the SOX plan. Responsibilities include collaborating with process and control owners, external auditors, and other stakeholders to understand IT processes and risks. 

Core responsibilities include: 

• Manage and direct the work streams related to IT SOX compliance including IT General Computer Controls (ITGCC), Segregation of Duties (SOD) controls, and application controls. 

• Provide oversight and review of end to end control walkthroughs, documentation and quality assurance for all SOX IT areas. 

• Provide technical support in the assessment, design and implementation of IT General Computer Controls (ITGCC) and IT application control requirements. 

• Review control evidence for adherence to accuracy, completeness and precision of control execution for all ITGCC including control gaps and findings identified by management. 

• Review test findings, facilitate the remediation of IT Automated/Application (ITAC) control gaps, and escalate possible critical issues to senior management within IT. 

• Review control evidence for adherence to accuracy, completeness and precision of control execution for all ITGC and ITACs. 

• Participate in systems upgrades and enhancements, as necessary, to review that internal controls over financial reporting are adequately identified and addressed. 

• Review test findings, facilitate the remediation of ITGC control gaps, and escalate possible critical issues to senior management within IT. 

• Guide the SOX planning, scoping and execution of audits primarily in areas associated with technology and technology-related risks (e.g. cybersecurity, privacy, and business resilience) including reviews of new and enhanced products and supporting systems, process changes and system implementations. 

• Gain agreement from the business on the root cause of issues and appropriate corrective actions while maintaining positive relationships and independence. 

• Work with management and users to interpret the significance of audit findings, conclude on findings, make practical recommendations, and verify that remediation plans are implemented. 

• Demonstrate strong technical skills and understanding of key security, privacy, agile engineering practices. 

Qualifications 

• 6+ years of progressive internal audit experience in either Big 4 public accounting, and/or in industry 

• Bachelor’s or Master’s degree in a relevant discipline (e.g. Computer Science, Information Systems, Accounting) or equivalent experience 

• CISA, CISM and/or CISSP certifications preferred 

• Demonstrated knowledge of technology risks, including direct experience evaluating the effectiveness of cybersecurity, privacy and engineering controls 

• Working knowledge of information technology best practices and control frameworks such as NIST CSF, ISO27001 and COBIT 

• Demonstrated influencing skills including the ability to explain complex topics in simple terms and inspire transformational improvement in internal controls 

• Excellent written & verbal communication and presentation skills