IT Internal Controls Manager

United Fire Group is seeking a Manager of IT Internal Controls to lead the design and oversight of a robust IT control framework. This role is responsible for oversight over the Companys IT control framework and providing risk and control advisory support for system upgrades and implementations. The ideal candidate is a strategic hands-on leader with a strong background in IT risk identification control design and process optimization within the P&C insurance or financial services industries. This individual will be instrumental in fostering a culture of strong governance IT risk management and continuous improvement across the organization.

Essential Duties & Responsibilities:

• Support the vision strategy and roadmap for the IT Internal Controls function
• Serve as a subject matter expert on IT internal controls providing guidance and education to IT and business partners.
• Assist in the development of a comprehensive risk-based IT SOX compliance program that meets regulatory requirements and provides assurance over the companys Information Technology internal controls over financial reporting (ITGCs and IT Application Controls).
• Lead walkthroughs of key business processes and underlying technology collaborating with IT and business process owners to design effective preventative and efficient IT controls.
• Provide proactive risk and control advisory support for system upgrades and new technology implementations from the planning stages through post-implementation reviews.
• Create and maintain detailed IT SOX documentation including IT process flowcharts risk and control matrices and narratives.
• Conduct IT risk assessments to identify evaluate and prioritize technology-related risks to financial reporting and business operations.
• Evaluate and mature the companys IT control environment by providing strategic risk guidance and designing mitigating controls related to IT infrastructure security and application layers.
• Establish and monitor key risk indicators (KRIs) and key performance indicators (KPIs) to provide early identification of risk trends and potential control deficiencies within IT systems.
• Evaluate IT control deficiencies to understand root cause and impact and work with process and control owners to develop and track effective remediation plans.
• Evaluate controls and processes for opportunities to leverage automation and new technologies reducing manual effort and improving control effectiveness.
• Assist in the development and execution of the IT audit plan including the performance of IT risk assessments and coordination of internal audit testing.
• Liaise directly with the companys external auditors serving as a point of contact for IT SOX and internal control matters.

Job Specifications:

Education:

• Bachelors degree in management information systems Computer Science Accounting or a related field.

Certifications/Designations:

• Certified Information Systems Auditor (CISA) or Certified Public Accountant (CPA) is strongly preferred.

Experience:

• 5-7 years of experience in IT audit IT internal controls or public accounting with a focus on technology preferably within the insurance or financial services industry.
• Experience supporting a SOX compliance program including participation in IT risk assessments control design and documentation.
• Experience providing risk and control advisory support for system implementations (e.g. ERP core insurance systems).
• Experience in a public company environment is a plus.

Knowledge Skills & Abilities:

• Strong knowledge of the Sarbanes-Oxley Act COSO framework and US GAAP as they relate to IT controls.
• Exceptional analytical skills with the ability to identify analyze and interpret complex IT and business processes and risks.
• Proven ability to drive IT process improvements and implement automated control solutions.
• Excellent communication skills both written and oral with the ability to effectively present complex IT risk information to all levels of the organization.
• Strong leadership interpersonal and collaborative skills to influence change across IT and business teams.
• Strong understanding of cybersecurity and information security frameworks (e.g. NIST COBIT).

Disclaimer:
The above statements are intended to describe the general nature and level of work being performed by individuals assigned to this job. It is not designed to contain or be interpreted as a comprehensive list of all duties responsibilities and skills required. Additional tasks and requirements may be assigned as necessitated by business need. UFG retains the right to modify the description of this job at any time.

Required Experience:

Manager