IT & SOX Control Senior Manager

Senior Manager Internal Audit & SOX Compliance

Reports To: Director Internal Audit

Location: NYC (Hybrid 3 days in office)

Travel: Up to 25%

ABOUT THE WELLA COMPANY

TogetherWEenable individuals to look feel and be their true selves.

WellaCompany is one of the worlds leading beauty companies comprised of a family of iconic brands such as Wella Professionals Clairol OPI Nioxin and ghd. With 6000 employees globally presence in over 100 countries WellaCompany and its brands enable consumers to look feel and be their true selves. As innovators in the hair and nail industry WellaCompany empowers its people to delight consumers inspire beauty professionals engage communities and deliver sustainable growth to its stakeholders.

For additional information about the Wella Company please visit .

The Senior Manager of IT Audit and SOX Compliance is a leadership role within the Internal Audit function responsible for the design execution and continuous improvement of the organizations IT audit program SOX IT General Controls (ITGC) framework and technology-enabled audit capabilities. This role serves as the primary subject matter expert on enterprise systems cybersecurity controls and IT risk providing assurance to executive leadership and external auditors regarding the posture of technology controls

Responsibilities:

IT Audit Program Leadership

• Develop and execute the annual IT audit plan covering application controls cybersecurity infrastructure data management third-party / vendor risk and emerging technology risk
• Lead complex high-risk IT audit engagements including ERP configuration reviews privileged access audits change management audits cybersecurity assessments and cloud migration reviews

SOX IT General Controls Program

• Partner with external auditors to align on ITGC scope testing approach reliance strategy and deficiency classification serving as the primary internal liaison for all IT-related SOX matters
• Maintain the ITGC control library ensuring controls are accurately documented mapped to relevant risks and financial reporting assertions and reflect the current system and process environment
• Evaluate IT control deficiencies using the PCAOB and COSO frameworks assess aggregation risk and present findings and remediation plans to the VP of Internal Audit CFO and Audit Committee as required
• Drive continuous improvement in the SOX program to reduce redundancy increase efficiency and improve reliance by external auditors with a target of reducing external audit fees through expanded internal reliance

AI Adoption and Audit Innovation

• Support the strategy and execution for embedding artificial intelligence and machine learning tools into the Internal Audit function with the goal of enhancing risk identification testing efficiency and insight quality across all audit types
• Evaluate pilot and implement AI-powered audit tools covering areas such as natural language processing for contract and policy review anomaly detection in financial transactions predictive risk scoring for audit planning and automated workpaper generation

Data Analytics Program

• Design build and institutionalize a core suite of data analytics routines to be used systematically across financial operational IT and compliance audits moving the function from ad hoc data analysis to a repeatable scalable analytics capability

ERP and Application Controls

• Serve as the functions primary subject matter expert on enterprise resource planning systems with the ability to navigate system configuration authorization structures master data governance and financial reporting processes at a technical level
• Lead or direct audits of ERP environments covering access controls and segregation of duties configuration change management financial close processes automated application controls and interface and data integrity

Requirements

Education

• Bachelors degree in information systems Computer Science Accounting Finance or a related field required
• Masters degree in a relevant discipline is advantageous

Professional Certifications

• CIA (Certified Internal Auditor) CISSP (Certified Information Systems Security Professional) CISA (Certified Information Systems Auditor) or CISM (Certified Information Security Manager) preferred

Experience

• Minimum 8 to 10 years of progressive experience in IT audit SOX compliance information security or a related field with at least 3 years in management or leadership capacity
• Demonstrated experience leading SOX ITGC programs in a publicly listed company including direct engagement with external auditors .
• In-depth knowledge of at least one major ERP platform is a mandatory requirement
• Proven track record of delivering IT audit engagements across a broad range of technology risk areas including access management change management cybersecurity cloud and application controls
• Experience building or significantly advancing data analytics capability within an Internal Audit or finance function. Proficiency in data analytics tools such as SQL Power BI Tableau Python or equivalent
• Hands-on experience with AI tools applied in an audit finance or risk management context is highly desirable

• We disclose the compensation range for positions in compliance with local law. Actual salaries will vary and may be above or below the range based on various factors including but not limited to location experience skills and in comparison to internal incumbents currently in similar roles. Pay Range: $135000 - $150000 salary per year. The range listed is just one component of Wella Companys total rewards package for employees. Other rewards may include annual bonus plan or variable pay depending on the addition Wella Company provides a rich variety of benefits to employees including health insurance life and disability insurance 401(k) retirement plan paid holidays and paid time off (PTO).

NOTICES

• All qualified applicants will receive consideration for employment without regard to race color sex sexual orientation gender identity religion national origin disability veteran status or other legally protected status.

• If you need assistance and/or a reasonable accommodation due to a disability during the application process please email. This email account will not respond to inquiries regarding the status of a candidates application.

• For CA located postings ONLY: Qualified Applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

• Information regarding your rights:Know Your RightsandPay Transparency Nondiscrimination Provision.

#LI-DB1