Sr. Lead Analyst – SOX IT Governance

Location:

Job Title (Job Profile Name)

Sr. Lead Analyst SOX IT Governance

Location

Cleveland OH (Hybrid 3 days in office per week)

Reports To

Senior Manager SarbanesOxley Program Governance

Job Profile Summary

The Sr. Lead Analyst SOX IT Governance serves as a key subject matter expert within the Financial Risk Governance team supporting the execution monitoring and continuous improvement of the Banks SarbanesOxley (SOX) IT controls program. This role contributes advanced analytical and technical expertise to SOX IT governance activities leads and performs complex Test of Design evaluations for IT General Controls (ITGCs) and application controls and helps enhance the quality and consistency of SOX IT processes. The Sr. Lead Analyst collaborates with IT business risk and audit stakeholders to ensure adherence to ICFR COSO PCAOB and applicable IT control frameworks while supporting leadership in strengthening the Banks IT control environment and governance practices.

Compensation Grade

111e

Job Description

1. SOX IT Program Governance Support

Support execution of SOX IT governance processes including program documentation governance materials and program reporting for IT General Controls and application controls. Assist in coordinating crossfunctional discussions with IT and business stakeholders compiling program updates and preparing materials for senior leaders and governance committees. Contribute subject matter insights to strengthen SOX IT methodology documentation standards and oversight routines.

2. Test of Design (TOD) Execution & Expertise

Lead and perform complex Test of Design evaluations for SOX IT controls across infrastructure applications and key supporting systems. Review IT control narratives walkthroughs and documentation to ensure accuracy clarity and alignment with SOX IT program standards. Provide guidance to IT control owners and testers on improving control design documentation practices and technology risk mitigation approaches.

3. Risk Assessment & Scoping Support

Perform detailed analysis to support the annual and periodic SOX IT risk assessment and scoping process. Evaluate significant IT systems applications interfaces and supporting processes using quantitative and qualitative criteria. Identify emerging technology risks and recommend updates to SOX IT scope based on changes in platforms data flows system implementations or regulatory expectations.

4. Testing & Issue Management Coordination

Monitor SOX IT control testing progress and review testing results for completeness and consistency with program methodology. Partner with IT testing teams internal stakeholders and control owners to support accurate evaluation of IT control deficiencies. Support the remediation lifecycle by validating corrective actions and ensuring alignment with SOX ICFR and IT control framework expectations.

5. Reporting Metrics & Analytics

Prepare dashboards metrics and SOX IT program status reports using GRC tools and data analytics. Summarize trends recurring issues and insights related to IT controls to support leadership decisionmaking. Assist in preparing materials for governance committees external auditors and internal stakeholders.

6. Continuous Improvement & Automation

Identify opportunities to streamline SOX IT processes enhance documentation quality and support automation or analytics initiatives related to IT controls. Contribute to tool enhancements process redesign activities and pilot initiatives focused on improving SOX IT program efficiency and effectiveness.

7. Training & Communication Support

Assist in developing SOX IT training content for IT control owners testers and other stakeholders. Support delivery of training and awareness activities to promote understanding of SOX IT requirements program updates and control documentation expectations. Develop clear communications that enable consistent execution of SOX IT controls across technology and business areas.

Required Qualifications

• Bachelors degree in Information Systems Accounting Finance or related discipline.
• Minimum 5 years of experience in SOX IT audit IT risk management internal controls or a related risk/control discipline.
• Strong knowledge of SOX ICFR COSO PCAOB and IT control frameworks (e.g. COBIT NIST).
• Demonstrated experience performing or reviewing IT control design assessments including ITGCs and application controls.
• Strong analytical communication and collaboration skills.
• Experience with GRC tools automation or data analytics preferred.
• CISA CPA or CIA preferred.

Competencies / Skills

Accountability & Ownership

Takes responsibility for highquality execution of ITfocused assignments delivering accurate and timely work while proactively identifying control gaps and recommending solutions.

Governance Support & Influence

Demonstrates strong understanding of SOX IT governance and effectively influences crossfunctional partners to drive consistency quality and alignment across technology processes.

IT Control Design Expertise

Exhibits deep understanding of IT control design principles technology risk mitigation and documentation standards providing credible guidance to IT stakeholders.

Analytical Rigor

Applies advanced analytical skills to evaluate IT environments systems and controls identify gaps and recommend actionable improvements.

Communication & Collaboration

Communicates complex IT risks and control concepts clearly to technical and nontechnical audiences. Builds strong working relationships across IT business risk and audit teams.

Continuous Improvement Mindset

Champions process optimization innovation and the use of automation or analytics to enhance SOX IT program efficiency.

Integrity & Ethics

Demonstrates the highest standards of ethical conduct sound judgment and professionalism.

Accuracy Timeliness & Planning

Strong organizational skills with the ability to manage multiple priorities maintain attention to detail and consistently meet deadlines and quality standards.

COMPENSATION AND BENEFITS

Please click here for a list of benefits for which this position is eligible.

Key has implemented an approach to employee workspaces which prioritizes in-office presence while providing flexible options in circumstances where roles can be performed effectively in a mobile environment.

Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing