Job Overview:
We are seeking an experienced Risk Analyst to join our team. In this role, you will be responsible for developing and implementing effective internal controls to mitigate risks within our IT environment.
Main Responsibilities:
1. Control Management: Support control owners through the full management of the IT SOX audit cycle, including assisting with control improvements and maintaining the IT SOX control framework.
2. Stakeholder Engagement: Build and maintain positive relationships with stakeholders, including application, process, and control owners, along with management in support of IT Risk and Compliance processes.
3. Technology Knowledge: Gain knowledge of various systems and technologies, including SAP S/4, SuccessFactors, Salesforce, Descartes, Coupa, Concur, and legacy systems.
4. Risk Assessments: Perform targeted risk assessments and provide recommendations to Control Owners.
5. Scoping Activities: Participate in scoping activities for IT SOX applications, system changes, and business transformation projects.
6. Internal Controls: Contribute to the design and implementation of enhancements for internal controls such as segregation of duties, change management, access management, IT operations, workflow, and application configuration.
7. Audit Evidence: Validate audit evidence for completeness and accuracy prior to submission to auditors.
8. Control Exceptions: Identify, communicate, and coordinate efforts to resolve control exceptions.
9. Governance Program: Drive continual improvement of the IT SOX governance program through training, facilitation, and creating support materials.
10.
11. User Entitlements: Assist with user entitlement reviews using custom tools built on Alteryx and Outsystems.
Requirements:
* Degree: Bachelor's degree or equivalent in a related field.
* Experience: 5+ years of relevant experience in IT controls frameworks and audit methodologies (COSO, COBIT, ISO, CMM, ITIL, PCI, NIST, SSAE 18 SOC).
* Skills: Strong understanding of IT Sarbanes Oxley (IT SOX) and internal/external audits. Experience with SAP and certifications like CISA, CISM, CIA, CPA are pluses.
* Proficiency: Proficiency in Microsoft Office tools and project management basics.
* Skills: Excellent interpersonal, communication, and organizational skills.