FirstPro is now accepting resumes for an IT SOX Compliance Lead position based in Boston, MA. This role will focus on ensuring that the company's IT teams have processes and solutions in place to meet compliance audit requirements in ISO, SOX, SOC2, PCI, HIPAA, etc. This is a contract position that can be worked remotely from home.
Responsibilities
Evaluating how the organization/IT follows its own processes and policies, and adheres to various laws and regulations globally, to identify possible weaknesses or risks.
Initiating and/or revising IT processes and policies to meet the standards/controls of an industry-recognized audit (such as ISO, SOX, SOC2, PCI, HIPAA) and the highest CMMI level
Establishing a governance and adherence framework to IT processes and policies compliance
Creating and managing effective action plans in response to audit discoveries and compliance violations
Collaborating with technology/architect and internal audit team in implementing IT compliance governance/controls where applicable
Implementing, utilizing, and maintaining audit monitoring platforms such as AuditBoard
Implementing, utilizing and maintaining contemporary frameworks on process, policies and governance
Accountable for continuous compliance and continuous improvement
Leading audits of information technology systems and information security processes, i.e., program-managing projects associated with audit discoveries and compliance violations (evaluated, investigated and resolved). Providing technology management on the operation and progress of compliance efforts.
Leading IT compliance areas such as ITIL (implementation reviews, project assurance, etc.), privileged user access deficiencies, data sharing, malware protection, monitoring, disaster recovery compliance, etc.
Supporting execution of the global Sarbanes Oxley testing program, including walkthroughs, testing controls, and working with our external auditors. SOX testing scope covers areas such as: automated controls, access rights, one time only controls, and IT general controls (ITGCs) among others.
Assisting in the annual SOX financial statement mapping, risk assessment, and scoping process.
Providing roll up reporting applicable to management through executives
Comfortable and confident interacting with external auditors and leadership at varying levels.
Requirements
5+ years of relevant experience in System Implementation reviews, SOX / IT internal controls, internal audit, corporate accounting, public accounting (Big 4 preferred), etc.
Strong working knowledge of Sarbanes-Oxley Act of 2002, Section 404, including a strong understanding of IT general controls.
This role requires that the individual work independently and independently lead and execute audits (whether IT, Integrated, or SOX).
Relevant professional certification (CIA, CISA, CPA, CA, ACCA) or advanced degree.
As a lead, this position must have demonstrated leadership ability in all aspects of the process and governance life-cycle.