IT SOX&Risk Mgmt Analyst

Education and Experience Requirements

Bachelor's Degree in IT related area, Business Administration required or equivalent combination of education and experience sufficient to successfully perform the essential functions of the job. 5 years of Finance, Accounting, or Information Technology functions or relevant experience.

Position Purpose:

Under general supervision, supports the IT governance function with an emphasis on Sarbanes Oxley (SOX), Risk Management, and Internal Audit. The position works closely with accounting on SOX control testing, reporting and remediation plans. It also works closely with the business and IT on internal audit, internal assessments, establishing controls, continuous process improvement, and remediation plans. Monitors compliance with operating policies and procedures that affect both IT and the company as a whole.

Job Description

Principle Duties and Responsibilities:

Essential Functions:

1. Support Annual IT SOX Effort and annual Internal Audit Efforts .
2. Working with Accounting, define the annual IT SOX audit plan and the Internal Audit Plan .
3. Coordinate the scheduling of IT audits with Accounting, IT Management, Process Owners and other interested parties .
4. Report interim and final audit findings and recommendations .
5. Maintain open lines of communication with accounting, IT, and the business .
6. Meet all internal and external audit deadlines .
7. Operational Management Support of IT SOX and Cyber Security .
8. Collaborate with process owners, Accounting, and Internal/External Audit, and other experts to manage tasks .
9. Regularly evaluate new or revised processes/controls to ensure they are operating effectively .
10. Obtain signoff from management of the revised processes within each manager’s area of responsibility .
11. Maintain a library of project documentation .
12. Prepare and deliver training workshops, sessions, materials, and presentations to assist process owners, employees, and management with transition from old processes or controls to new ones .
13. Regularly report progress to management team, stakeholders and other parties .
14. Manages Patch and Vulnerability Team (PVT) efforts .
15. Reports PVT Metrics .
16. Manages Risk Assessments process .
17. Monitors compliance with organization policies and standards.
18. Identifies opportunities that use information security methodologies and / or controls to improve processes, documentation, or other areas of security related performance.

Perform other duties as assigned.

Other Requirements:

1. Advanced degree or certification desirable. Masters Degree may offset one year where a PhD in related field may be used to reduce work experience by two years.

A credit history check from a national credit bureau will be conducted for all candidates for this position including new hires and current employees seeking promotion or transfer. This job requires one to be able to read, write, speak, and understand the English language.