Assoc. Dir. DDIT ISC Gov SOX IT Testing

Major accountabilities:

• In addition to accountabilities listed above in Job Purpose:
• Develop, document, and maintain a comprehensive framework of IT general controls for the ICFR program, aligned with relevant regulatory requirements and industry best practices.
• Oversee the review and enhancement of existing SOX control processes, ensuring effective controls design and implementation related to IT systems.
• Collaborate with IT, finance, and business teams to identify key IT systems, applications, databases, and technology assets impacting accurate financial reporting.
• Lead risk and impact assessments to identify and evaluate potential non-compliance in SOX IT relevant processes, driving the design of appropriate controls for mitigation.
• Plan, scope, and oversee the execution of IT-related SOX audits, including the definition of key control objectives, test plans, and effective testing methodologies.
• Review control test results, findings, and recommendations for remediation, ensuring clear communication and collaboration with relevant stakeholders.
• Stay current on changes in regulations, emerging risks, and evolving industry standards, driving the implementation of necessary updates to the control framework.
• Collaborate and build strong relationships with external auditors to facilitate the SOX control testing process and address any findings or recommendations.
• Provide expert guidance and support on SOX IT-related compliance matters, collaborate with cross-functional teams to ensure compliance with Sarbanes-Oxley (SOX) regulations and contribute to the enhancement of our overall SOX control environment.
• Promote a culture of continuous improvement by driving initiatives to optimize the efficiency and effectiveness of the SOX IT control environment.

Key performance indicators:

• Effectiveness and adequacy of the IT general controls framework, with high-quality documentation and alignment with regulatory requirements and industry best practices.
• Quality and timeliness of SOX IT approach and methodology enhancements.
• Alignment and collaboration level of SOX relevant systems with Finance and IT teams.
• Successful and timely completion of IT-related SOX audits, delivering clear control testing results and actionable recommendations.
• Strong collaboration and positive working relationships with cross-functional teams and external auditors.
• Leadership in driving continuous improvement initiatives for the enhancement of the SOX IT control environment and overall compliance program

Minimum Requirements:
Work Experience:

• Minimum of 10 years of experience in IT audit, IT risk management, IT compliance, or a similar senior role
• Deep understanding of SOX compliance requirements, internal control frameworks (e.g., COSO), and IT auditing standards (e.g., COBIT).
• Proven track record of leading and overseeing IT-related SOX audits, including scoping, testing, and reporting
• Experience working cross-functionally and trans-nationally
• Extensive knowledge of IT systems and processes, including system development life cycle (SDLC), IT infrastructure, and cybersecurity.
• Collaborating across boundaries
• Influencing without authority

EDUCATION:

• Bachelor’s degree in Computer Science, Information Systems, Accounting, or a related field. Advanced degree preferred.
• Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or similar credentials preferred

Skills:

• Information Security Risk Management
• IT Governance
• Cyber security
• Influencing skills
• Stakeholder management
• Business Partnering
• Communication skills

Languages :

• English.