Job Title: Sr Manager, IT SOX Compliance
Location: Baltimore, MD
Duration: Direct Hire
Compensation: $100,000 to 120,000+ based on experience
Our client is looking for a Sr Manager who possesses knowledge of IT, broad business experience, and internal audit practices. The candidate will leverage knowledge of business process and IT to lead audit programs, execute risk assessments and interact with the compliance and risk management global program(s). The candidate will also be expected to effectively lead a team of IT SOX Compliance professionals.
- Responsible for anticipating, recognizing and managing all facets of IT risks, including but not limited to regulatory compliance (SOX, FERPA, PCI; Privacy Laws). This role requires integrity and strength of character as well as a willingness to challenge staff on all levels to ensure that we’re compliant with all applicable laws and company ethics. The candidate will be responsible for ensuring compliance at all institutions within a specified region.
- Manages the documentation and assessment of IT internal controls over financial reporting as part of the ongoing Sarbanes-Oxley (SOX) compliance effort
- Responsible for directing IT compliance efforts for all institutions within a large geographic region.
- Provides leadership and guidance to a team of IT SOX Compliance professionals
- Directs the assessment of access management, authentication, and authorization
- Evaluates internal control deficiencies and ensures remediation strategies are correct as proposed by external/internal audit or internal control staff
- Oversees creation of efficient procedures and methodologies to test controls relevant to SOX
- Responsible for compliance results and corresponding reporting
- Build meaningful metrics to demonstrate continuous improvement in the audit process and in the efficacy of internal controls
- Create specific metrics to monitor control deficiencies and remediation accountabilities across all IT functional groups
- Supervise daily activities of IT SOX Compliance Analyst personnel
- Will coordinate with the client's IT Executive Regional CIOs, local IT Management and Compliance teams to identify automation opportunities to streamline application and infrastructure controls across IT functional groups
- Coordinates with IT personnel across the enterprise to implement required controls, ensure these controls are executed, and maintain appropriate evidence.
- Prepares and/or reviews reports that are requested for the reporting of SOX IT related information to various levels of management.
- Responsible for coordinating with IT process owners on updating IT SOX documentation.
- Provides guidance on internal financial policies and procedures with respect to IT controls.
- Develop and execute SOX Compliance training and awareness programs based on audit findings and regulation(s) changes
- Work with IT Compliance due diligence programs for new acquisitions and develop plans as required based on gap analysis results and requirements
- Negotiate and influence business process transformation and process improvements with business owners and systems stakeholders
- Implements policies, processes, and systems aligned with the strategic roadmap and in support of near-term deliverables (audit and other).
- Constantly on alert for potential areas of vulnerability or risk; able to work with management and operations to develop contingency plans and make critical decisions for the regional institutions.
- Ensures that monitoring programs are in place to measure efficiency and identify potential areas for improvement.
- 8+ years of work experience in IT Audit, Compliance and/or Public Accounting.
- Minimum of a Bachelor’s degree in Computer Science/Information Systems Management
- Experience with SOX Privacy regulations and other control frameworks.
- This position requires the ability to analyze and interpret the risk implication of changes in the compliance requirements and the control environment
- The role requires risk management expertise to ensure creation and maintenance of effective risk mitigation strategies across all stakeholder groups: Business, IT functional groups, and Information Systems Security
- Strong change management and negotiation skills with ability to work within a matrix-run organization.
- Experience in developing and deploying best practices, policies, procedures and processes.
- Builds a network of relationships across IT functional groups, business peers and executive management
- Bilingual in Spanish or Portuguese preferred
- Experience in a large accounting firm with SEC Clients preferred
- Certified in Security, Governance, Compliance and Project Management. ISACA CISA, CISM, CGEIT, CISSP, CRISC, PMP or equivalent professional certification desirable
- Influence development of broad-based risk management strategies.