Sr IT Internal Controls consultant

We are seeking a highly motivated and experienced Senior IT Internal Controls. This person will play a key role in ensuring our IT systems and processes comply with regulations and industry best practices. A successful candidate will have experience designing documenting testing and remediating IT internal controls for large public companies.

Work Experience:

• Minimum of 5-7 years of experience in IT internal controls external audit internal audit or a related role.
• Experience designing implementing and/or testing IT general controls (i.e. SDLC change management access management and interfaces/integrations).
• Experience designing SAP controls
• Experience using AuditBoard SOXHUB module
• Experience configuring and deploying modern GRC tools
• Experience auditing or consulting for a Big 4 firm
• Advanced skills in Excel and data analytical tools.
• Able to drive remediation and evidence gathering in a timely manner
• Excellent IT Audit documentation skills
• Thorough knowledge of SOX IT Compliance concepts

Certifications:

CISA CISSP CIA CPA CRISC or CISM

Roles and Responsibilities:

• Support all aspects of IT compliance with internal control requirements including designing implementing documenting and testing IT controls and processes.
• Collaborate with IT finance and other cross-functional teams to identify and document key IT controls and processes that are subject to compliance.
• Create and maintain IT controls environment documentation (e.g. process flows narratives control matrices role security matrices etc.) by conducting walkthroughs identifying relevant information and documenting key details.
• Assess the impact of new business initiatives system implementations and IT policy changes on the IT internal controls environment. Provide guidance and training to support compliance.
• Conduct regular assessments and audits of IT internal controls to ensure compliance with requirements and identify any potential compliance risks or issues.
• Identify control gaps evaluate risk and develop corrective action plans to address deficiencies enabling sustainable control processes.
• Develop and implement IT compliance policies procedures and guidelines to ensure adherence to regulations and industry standards.
• Support the timely delivery of necessary documentation and evidence to internal and external auditors.
• Support the selection configuration and adoption of GRC tools to facilitate IT internal controls initiatives.
• Execute or facilitate the execution of IT internal controls activities where applicable.
• Suggest efficiencies and continuous improvement opportunities related to the IT internal controls program.
• Provide training on IT internal controls as needed.
• Collaborate with cross-functional teams to develop implement and remediate IT internal controls.
• Monitor and report on control effectiveness and other program key performance indicators via metrics and dashboards.
• Stay current on changes to the IT internal controls regulatory environment and their impact to Customer.

Knowledge / Skills / Abilities:

• Familiarity with using modern GRC tools to effectively manage IT internal control execution and testing
• In-depth understanding of IT General Controls (i.e. Change Management Access IT Operations) SDLC and application controls
• Knowledge of SOX audit scoping testing and sampling methodologies
• Experience developing and maintaining IT internal control documentation (e.g. risk control matrices narratives process flow diagrams etc.)
• Familiarity with SOC 1 report reviews and documenting complementary user entity controls
• Knowledgeable on managing and mitigating segregation of duties violations

Education:

• Bachelors degree in Information Technology Information Security Computer Science Business Accounting or related field or equivalent work experience