The Internal Controls IT SOX team is a part of the Finance organization focusing on centralizing compliance programs across business and IT. Our IT SOX team oversees processes to ensure an effective internal control environment. The team works closely with Internal and External Audit, IT and Business partners across the organization.
The Manager of IT SOX Governance and Monitoring is responsible for managing the governance program that guides, monitors, evaluates, and reports on the effectiveness of internal control over financial reporting related to IT (processes, applications, infrastructure, tools, etc.). The role works collaboratively with individuals and teams across the organization to maintain effective IT controls and support the Company’s strategic objectives.
Major Tasks, Responsibilities and Key Accountabilities:
- Project Management and Execution – oversee people and processes to ensure effective internal controls over financial reporting for IT. Responsibilities include:
- Performing enterprise-wide SOX scoping activities (e.g., IT applications/tools, IT infrastructure and IT general controls)
- Updating SOX scoping via linkage to IT applications/systems, infrastructure, and risks and controls
- Documenting IT general control domains and associated controls (e.g., walkthroughs, narratives, risk and control matrix)
- Partnering with IT teams to continuously assess the design of controls
- Collaborating with key IT, business, and audit teams to evaluate technology related risks
- Performing monitoring, dashboarding and reporting on the remediation of IT control deficiencies
- Assisting IT teams with root cause analysis, remediation action plans, remediation activities, providing training and resources to IT teams to ensure timely remediation
- Contribute to controls status updates to leadership
- Reporting and Communication – Establish and maintain effective communication, dashboarding, and reporting to stakeholders and Senior Leadership
- Oversee the process to analyze and update SOC report evaluations, partnering with the relevant stakeholders to ensure risks are mitigated
- Deploy training related to controls, policies, and requirements to evolve capabilities, governance awareness and efficiencies
- Enterprise Initiative Support – support IT teams with strategic initiatives; continuously assess internal processes for process improvement opportunities, including technology enablement
- Manage the implementation and roll-out of GRC software to support efficient and effective SOX program management and execution
- Perform the IT general control deficiency evaluation process
- People Management – manage and develop an effective and proficient team
- Develop value-adding relationships with process owners and make recommendations for process improvement
Nature and Scope
- Typically reports to Senior Manager, Internal Controls
- Accountable for direct supervision of the work activities of others. Planning, monitoring and reviewing work of subordinates is required. This may include direct supervision or the coordination of multiple work groups. Makes recommendations concerning selection, termination, performance appraisal and professional development
- Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.
- Typically requires overnight travel less than 10% of the time.
- Must be eighteen years of age or older.
- Must be legally permitted to work in the United States.
The knowledge, skills and abilities typically acquired through the completion of a bachelor’s degree program or equivalent degree in a field of study related to the job.
Years of Relevant Work Experience: 5 years
Physical Job Requirements:
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.
- Master’s degree in Accounting, Information Systems, or related field is preferred
- Strong IT, business process, risks, and controls knowledge
- CISA, CISSP, CIA, or other related certification preferred
- Proven ability to lead and develop high functioning teams
- Strong strategic thinking and problem-solving ability
- Ability to partner with IT stakeholders across the organization to achieve consensus
- Ability to influence at all levels of the organization through strong verbal and written communication skills
- Comfort negotiating in competitive or adversarial environments
Knowledge, Skills, Abilities and Competencies
- Thorough working knowledge of IT general controls, COBIT, Auditing Standards, and generally accepted accounting practices
- Ability to understand, assess and prioritize risks across the components of the IT environment (e.g., application, operating system, and database)
- In-depth experience and knowledge of key IT and information security topics such as cyber security, applications, infrastructure, systems implementations, cloud computing, IT general controls, SOC reports, and back-office operations
- General knowledge of the technologies used in complex IT environments
- Understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards
- Adept at assessing complex IT and business process environments to identify potential IT, financial, operational, and compliance risks
- Familiarity with risk management methodologies, frameworks and principles
- Ability to appropriately articulate requirements to technical and business stakeholders
- Experience with GRC Technology
- Address: Atlanta, GA, USA
- Salary Offer: $100.000 ~
- Experience Level: Manager
- Total Years Experience: 5-10
- Academic Degree: Bachelors