Jobs · Management · Illinois

Senior Analyst, Internal Controls & SOX

HUB International · Chicago, IL · 5 days ago
Management$90k–$110k/yrFull-time

About the role

HUB International is a global insurance and employee benefits broker with over $5 billion in revenue and almost 20,000 employees in 600 offices throughout North America. We provide a wide range of products and services, including business insurance, employee benefits, risk services, personal insurance, retirement, and private wealth management. We are seeking a Senior Analyst, IT Internal Controls & SOX to support our IT SOX program.

Responsibilities

  • Support the overall IT SOX program including but not limited to controls and key report testing.
  • Apply working knowledge of cloud infrastructure (AWS, Azure, GCP) to assess controls related to cloud security, access management, change management, computer ops.
  • Support internal initiatives and look for process improvements.
  • Proactively identify and evaluate opportunities to apply AI in streamlining controls testing and reporting processes.
  • Maintain a comprehensive Risk Control Self-Assessment (RCM) including ITGC, ITAC, as part of the overall SOX program.
  • Evaluate IT control processes to identify risks gaps.
  • Document, track and report identified issues.
  • Provide remediation guidance, track and log the action plans in Workiva.
  • Collaborate with external auditors and IT/business stakeholders, providing documentation, context, and support as needed.
  • Assist in delivering IT-specific internal control training for different teams / business units.
  • Contribute to IT risk assessments and SOX scoping activities, helping prioritize key risk areas across cloud different systems/applications/tools.
  • Manage the overall Workiva (GRC) platform and act as a system administrator.
  • Proactively communicate observations, risks, and recommendations to management, speaking up when something doesn't look right rather than waiting to be asked.

Qualifications & Experience

  • Bachelor's degree in Information Systems, Accounting, Finance, or a related field.
  • 2–4 years of experience in IT internal controls, IT auditing, or a similar role in a public company or accounting firm.
  • Big 4 and consulting experience is plus.
  • Solid understanding of SOX regulations and the COSO framework, paired with broader knowledge of IT general controls, business processes, and how technology supports the organization.
  • Practical knowledge of ITGC domains such as Change Management, Access Management, Computer Ops, SLDC, etc.
  • Experience with IT Application Controls, Key Reports (plus).
  • Working knowledge of cloud platforms — AWS, Azure, and/or GCP — including familiarity with cloud security and access controls.
  • Strong analytical and problem-solving skills with the ability to connect technical findings to business impact.
  • Excellent communication and interpersonal skills; comfortable engaging with stakeholders at all levels and confident enough to voice concerns, ask hard questions, and offer independent perspective.
  • A collaborative, proactive mindset — someone who contributes ideas rather than simply following process.
  • Certifications such as CISA, CISM, CRISC, CC (Certified in Cybersecurity), CISSP, or cloud certifications (AWS Certified, Google Cloud Certified) preferred; actively pursuing one or more is a plus.

Similar jobs