SOX Audit Program Manager
Simmons Bank · Little Rock, AR · 4 mo ago
Information TechnologyFull-time
Essential Duties And Responsibilities
- Lead the planning, coordination, and execution of Internal Audit’s annual SOX 404 and FDICIA testing program, in accordance with the risk-based audit plan approved by audit leadership.
- Develop and maintain risk-based SOX/FDICIA audit programs, including scope determination, testing strategy, and timing of interim and year-end procedures.
- Conduct and oversee process walkthroughs for in-scope financial reporting processes to obtain audit understanding and validate management-identified controls.
- Evaluate the design and operating effectiveness of key internal controls over financial reporting, including sample selection, execution of test procedures, and documentation of results.
- Review SOX testing work performed by Internal Audit staff for technical accuracy, sufficiency of evidence, and adherence to Internal Audit and COSO standards.
- Cook up SOX-related audit activities across business units while maintaining independence and objectivity.
- Anticipate and identify potential control gaps, deficiencies, or emerging risks within financial reporting processes.
- Evaluate and classify control issues (control deficiencies, significant deficiencies, potential material weaknesses) and ensure findings are supported, clearly documented, and appropriately escalated.
- Communicate audit progress, issues, and results to the Director of Internal Audit and Chief Audit Executive.
- Prepare and review SOX audit reports, management issue write-ups, and executive-level summaries.
- Present SOX audit results and internal control assessments to senior management, as requested.
- Monitor and validate management’s remediation plans and perform follow-up testing to confirm timely and effective issue resolution.
- Serve as the primary Internal Audit liaison with external auditors for SOX/ICFR matters, supporting reliance on Internal Audit work where appropriate.
- Ensure all SOX audit activities comply with applicable laws, regulations, professional standards, and Internal Audit policies, including completion of required compliance training.
- Maintain working knowledge of banking operations, accounting standards, regulatory guidance, and emerging SOX/ICFR best practices.
- Identify opportunities to improve SOX audit efficiency, methodology, documentation standards, and use of audit technology.
Other Responsibilities
- Pursues professional development opportunities, including external and internal training and professional association memberships and shares information gained with management.
- Pursues ongoing professional development through training, continuing education, and professional certifications.
- Shares technical knowledge and best practices with Internal Audit management and staff.
- Assists with special projects, regulatory requests, or other Internal Audit initiatives assigned by audit leadership.
- Performs other duties as assigned.
Career Track Guidelines
- Performs all duties described above with increasing independence and technical depth.
- Demonstrates advanced proficiency in SOX, FDICIA, COSO, and ICFR audit methodologies.
- Works effectively as a senior individual contributor and project lead within the Internal Audit team.
- Serves as a trusted technical resource for SOX and financial reporting controls.
- Builds strong, professional working relationships with business units, external auditors, and audit leadership.
- Contributes to a positive Internal Audit culture through collaboration, knowledge sharing, and mentorship.
- Actively pursues professional growth and stays current on regulatory and professional developments.
- Seek to learn through training and individual study.
- Actively participates in department community involvement program.
Qualifications
- Advanced knowledge of SOX, FDICIA, ICFR, and the COSO framework.
- Strong analytical, audit planning, and organizational skills.
- Excellent written and verbal communication skills.
- Strong project management and time-management capabilities.
- Ability to analyze complex processes and evaluate control design and effectiveness.
- Ability to prepare clear, concise audit documentation and executive-level reporting.
- Ability to effectively present information to senior management and Audit Committee members.
- High degree of professional judgment, independence, and ethical standards.