Sr Analyst II, IT SOX Compliance
















The Senior Analyst II, IT SOX Compliance will provide leadership, mentor and
guide the testing aspects of all IT General Computer Controls (ITGCCs) and IT
Application Controls (ITACs). Additionally, hands on testing is also expected
in this role.
The candidate will identify appropriate risk factors and will assess the
adequacy of existing controls and their related design and effectiveness given
those risks.
The candidate must possess strong knowledge of SOX 404, AS5, and the SEC
Interpretative Guidance.
The candidate must have either prior SOX 404 IT experience in a Big 4 firm
or a global corporate environment.
The candidate is expected to be detail highly oriented and have excellent
written and verbal communication skills.
Executing and documenting test plans and test results with control owners,
including details regarding exceptions, overall conclusions, and control
effectiveness.
Communicating test results to control owners and key stakeholders.
Documenting and tracking remediation activities associated with identified
control deficiencies.
Supporting the conclusion of operating effectiveness of controls and
assessing overall process stability.
Identifying and communicating process improvement
opportunities/remediation.
Tracking the progress and monitoring the remediation plan and actions.
Guide and coordinate Segregation of Duties and SSAE 16s.
Support the planning of system and application level internal control tests,
including the creation of original test plans
Maintaining a current understanding of prevailing SOX IT audit tools,
techniques, methodologies, and regulatory requirements.
Interfacing regularly with various levels of the IT organization(. generally at
the Senior Analyst, Manager and Director levels) as well as the internal and
external auditors to ensure timely test execution and issue resolution.
He/she will also have contact with external and Internal Audit.
Qualifications:



Detailed knowledge of SOX 404, AS5, COSO, COBIT and the SEC Interpretative
Guidance required.
Project management and cross functional experience (dealing with IT and
Finance)
Broad understanding of ITIL, Agile, GAIT, PMP preferred.















Mastery of IT GCC, ITACs, SSAE16, segregation of duties, and spreadsheet
and report controls required.
Advanced IT skills, including Excel, Access, and the ability to create macros,
SQL scripts, etc.
Experience with Oracle, UNIX, RACF, Active Directory, LDAP, Windows NT,
ACL, and other audit and retail applications, prerferred
Strong analytical, organizational and project management skills, and
demonstrated ability in making decisions and exercising good judgment.
Ability to influence people and process.
Strong interpersonal skills with proven ability to develop and maintain
effective business partner relationships.
Ability to address highly complex technical issues.
Effective oral and written communication skills, with demonstrated
presentation experience.
Ability to effectively deal with competing priorities and meet aggressive
guidelines.
BS degree in Finance or Information Systems required.
CISA required
MBA, CPA, CISSP is a plus.
6+ years of experience related to SOX IT compliance work (i.e., IT general
computer controls and application controls).
Previous information technology audit experience in a Big 4 firm preferred.
Previous experience in retail industry is a plus