SOX Compliance Specialist

Job Overview:

We are seeking a detail-oriented and experienced SOX Compliance Specialist to manage the Sarbanes-Oxley (SOX) compliance program, including the oversight of IT General Controls (ITGCs) and Internal Controls over Financial Reporting (ICFR). The ideal candidate will be responsible for ensuring compliance with SOX regulations, performing assessments of internal controls, and collaborating with various departments to maintain strong governance frameworks. This position requires a thorough understanding of SOX compliance, ITGCs, ICFR, and risk management processes.

Key Responsibilities:

• Lead and manage the overall SOX compliance program, ensuring adherence to SOX requirements and deadlines.
• Coordinate with internal and external auditors to facilitate SOX audits and maintain a comprehensive record of compliance activities.
• Develop, implement, and monitor SOX compliance policies, procedures, and frameworks to ensure the organization is in full compliance with applicable laws and regulations.
• Stay up-to-date with changes in SOX regulations and industry best practices, ensuring the organization’s controls and processes remain compliant.
• Provide regular reports to senior management on the status of SOX compliance, control deficiencies, and remediation efforts.

Management of IT General Controls (ITGCs):

• Oversee the design, implementation, and monitoring of IT General Controls (ITGCs) related to SOX compliance, including access controls, change management, and system development.
• Conduct regular assessments of ITGCs to ensure effectiveness, identifying potential gaps and implementing improvements where necessary.
• Collaborate with IT and other business departments to ensure alignment of ITGCs with business processes and regulatory requirements.
• Assist in the preparation of detailed documentation for ITGC processes and controls as part of the SOX audit.
• Lead the identification, design, and evaluation of internal controls over financial reporting (ICFR) to ensure they are effective and in compliance with SOX requirements.
• Work with finance, accounting, and IT teams to assess risks associated with financial reporting processes and implement controls to mitigate those risks.
• Perform walkthroughs and tests of internal controls to verify their operating effectiveness.
• Support the preparation of internal control documentation, including flowcharts, narratives, and risk/control matrices.
• Review and provide recommendations for improving controls and processes related to financial reporting.

Collaboration and Training:

• Collaborate with cross-functional teams (finance, IT, internal audit, legal, and operations) to ensure an integrated approach to compliance.
• Provide guidance and training to departments on SOX compliance, ITGCs, ICFR, and internal control best practices.
• Assist in the identification and remediation of control deficiencies and work with teams to implement corrective actions and improve overall control environments.

Risk Assessment and Remediation:

• Conduct risk assessments to identify control weaknesses, gaps, and potential threats to SOX compliance.
• Recommend corrective actions and mitigation strategies to address identified risks.
• Assist in the design and implementation of remediation plans and track progress to closure.

Skills and Qualifications:

• Bachelor’s degree in Accounting, Finance, Information Technology, or a related field.
• 6 years of experience in SOX compliance, internal controls, or audit, with a focus on ITGCs and ICFR.
• Strong knowledge of Sarbanes-Oxley (SOX) regulations and internal control frameworks (e.g., COSO).
• In-depth understanding of IT General Controls (ITGCs) and their application in SOX compliance.
• Experience with internal control assessments, risk management, and testing of financial reporting controls.
• Familiarity with audit tools, compliance management software, and reporting systems.
• Exceptional analytical and problem-solving skills, with attention to detail and the ability to work under pressure.
• Strong communication skills, with the ability to effectively collaborate with stakeholders at all levels.
• Ability to manage multiple priorities and deadlines in a fast-paced environment.
• SOX or internal audit certifications (e.g., CPA, CIA, CISA) are a plus.

Preferred Qualifications:

• Experience with financial reporting systems (e.g., SAP, Oracle, etc.).
• Advanced knowledge of SOX compliance testing and remediation processes.
• Experience working with external auditors and managing external audit relationships.
• Knowledge of IT security and system risk management practices.
• Ability to streamline compliance processes and automate testing where possible.