IT Security & SOX Specialist
Distinguished Programs · United States · 3 wk ago
RemoteRemoteInformation TechnologyFull-time
Responsibilities
- Lead and oversee the IT General Controls (ITGC) program to ensure SOX compliance across all systems, including control testing, deficiency evaluation, and remediation tracking.
- Cook up and execute on ITGC risk assessments, control documentation, walkthrough, and test activities across access management, change management, and IT operations.
- Evaluate control design and operating effectiveness; identify deficiencies, assess risk impact, and partner with technology stakeholders on remediation planning.
- Track remediation progress, validate corrective actions, and escalate unresolved risks in accordance with governance expectations.
- Serve as the primary liaison with Internal Audit and external auditors, supporting SOX and other external audit requests and ensuring timely, audit-ready deliverables.
- Prepare executive reports on control performance, deficiencies, and overall compliance status, while driving continuous improvement and control maturity.
- Cook up with IT stakeholders to obtain evidence, clarify control executions, and support remediation activities.
- Support the CISO in implementing internal security policies and providing required support to monitor, remediate, and improve the policies and procedures.
- Manage security monitoring, incident response coordination, vulnerability management, and access governance activities. Ensure appropriate security controls are integrated into system development lifecycle (SDLC), cloud deployments, and infrastructure operations.
Qualifications
- Bachelor’s degree in information security, Computer Science, Information Technology, or related field.
- 5+ years of experience in information security, IT audit, compliance, or risk management.
- 3+ years of experience managing SOX ITGC compliance programs.
- Strong understanding of: SOX ITGC controls, Access management and identity governance, Change management processes, IT operations controls, Risk management frameworks.
- Experience working with internal and external auditors.
- Experience engineering security solutions in both on-prem and cloud based environments.
- Strong project management, organizational and analytical skills.
- Excellent communication and stakeholder management abilities.