SOX IT Compliance Analyst

The SOX IT Analyst is responsible for supporting the organization's compliance with the Sarbanes-Oxley Act (SOX) by evaluating, testing, and documenting IT controls over financial reporting. This role collaborates with IT, Finance, and Audit teams to ensure IT systems and processes meet regulatory standards, reduce risk, and maintain operational effectiveness. We are looking for someone that is knowledgeable in both SOX regulations, cybersecurity frameworks, and IT risk management practices.

• Assist the IT Compliance Lead in managing and maintaining IT controls for SOX and other compliance initiatives.
• Support the Compliance Lead with documenting, testing, and evaluating IT General Controls (ITGC).
  • Annual Baselines
  • Access / De-Provisioning
  • Admin Access
  • Backup Controls
  • Password Analysis for in-scope applications, servers, and databases.
  • Quality Control (QC) of Quarterly Access Review Packages
  • Out of Compliance (Quarterly Norm and Monthly HR)
  • Super User Monitoring
  • Gathering and Validating SOPs from Process Owners
  • SOX Access Validation Tickets
• Conduct risk assessments to identify gaps in IT systems related to SOX compliance such as;
  • User Access Management: Assessing the process of granting and revoking access to critical applications.
  • Change Management: Review the IT change control process to ensure that modifications to in-scope systems (software updates, patches, configuration changes) are properly tested, approved, and documented.
  • Backup Procedures: Review the effectiveness of backup processes.
  • Audit Trail Reviews: Verify that audit trails are maintained and monitored for key systems.
• Monitoring daily IT operations to ensure SOX compliance and reporting issues to the Lead.
• Collaborating with the Lead and SOX Compliance team during SOX audits and assessments.
• Assisting with the remediation of audit findings and ensuring corrective actions are properly implemented.
• Tracking and maintaining IT compliance documentation.
• Providing training and guidance to IT staff on SOX compliance best practices under the direction of the Lead

• Bachelor's degree in Information Technology, Accounting, Finance, or related field.
• 3-5 years of experience in IT audit, IT compliance, or a similar role.
• Strong understanding of ITGCs, SOX compliance requirements, and frameworks like COBIT, NIST, or ISO 27001.
• Proficiency in using GRC (Governance, Risk, and Compliance) tools.
• Analytical and business management skills with proven ability to build relationships and influence individuals at all levels of the organization.
• Good communications and organizational skills to facilitate teamwork and help coordinate small to large teams of IT professionals.
• Excellent verbal and written communications skills.
• Proficiency in working in a fast-paced, complex, and dynamic business environment.
• An understanding of governance, risk, and compliance discipline.
• An understanding of network operations discipline.
• Knowledge of the latest requirements and trends in the management of SOX regulations, cybersecurity frameworks, and IT risk management practices.
• Knowledge of project management processes and steps.Ability to perform multiple tasks and adjust priorities based on workload and direction from management and the customer.
• Ability to organize, plan, execute and supervise multiple major projects with minimal supervision.
• Analytical ability as related to the analysis of IT Compliance performance over time.
• Demonstrates strong problem solving, decision-making and organizational skills.

Preferred Qualifications:

• Certifications such as CISA, CIA, or CPA.
• Experience in financial systems, ERP platforms (e.g., SAP, Oracle), or cloud technologies.
• Knowledge of cybersecurity principles and data privacy regulations.