What are the responsibilities and job description for the IT Compliance Manager position at Westrock Coffee Company?
We are seeking a highly skilled and experienced IT Compliance Manager to lead and oversee the Information Technology (IT) compliance activities related to the Sarbanes-Oxley Act (SOX) Section 404. This role is crucial in ensuring that the organization's IT systems, processes, and controls are compliant with SOX requirements, specifically focusing on the effectiveness of IT general controls (ITGCs) and IT-related business processes.
This position will be responsible for managing the change management process for all IT applications and infrastructure to comply with our policies.
The IT Compliance Manager will work closely with internal audit, external auditors, business unit leaders, and IT teams to manage SOX testing and remediation, drive continuous improvement in compliance controls, and mitigate risks associated with IT governance.
Job Duties:
- SOX Compliance Management:
  - Lead the execution of IT SOX 404 compliance activities, ensuring that all relevant IT processes and controls are designed, implemented, and operating effectively.
  - Oversee and execute the risk assessment process for IT general controls (ITGCs), including access controls, change management, backup and recovery, and segregation of duties.
  - Coordinate and support internal and external audits of IT SOX controls, ensuring timely and accurate reporting of compliance results.
- Control Design and Implementation:
  - Collaborate with IT and business teams to design and implement appropriate IT controls to mitigate risks and meet SOX requirements.
  - Assist in the documentation and testing of IT control processes, ensuring that they align with company policies and regulatory standards.
  - Ensure that any control deficiencies are identified, evaluated, and remediated in a timely manner, working with the appropriate stakeholders to resolve issues.
- Documentation and Reporting:
  - Prepare and maintain comprehensive documentation of IT SOX 404 compliance processes, including control matrices, risk assessments, and testing results.
  - Develop and deliver regular reports to senior management and stakeholders on the status of IT SOX 404 compliance activities, audit findings, and corrective actions.
- Training and Awareness:
  - Provide training and guidance to IT staff and business units on SOX compliance requirements, internal controls, and best practices.
  - Promote a culture of compliance within the IT department and across the organization.
- Process Improvement:
  - Continuously evaluate and improve existing IT controls and compliance processes to enhance effectiveness and efficiency.
  - Stay up-to-date on changes to the SOX regulations, IT governance best practices, and emerging risks to ensure ongoing compliance.
- Cross-functional Collaboration:
  - Work closely with the internal audit team, external auditors, and business unit leaders to facilitate audits and testing of IT SOX controls.
  - Coordinate with IT departments (security, infrastructure, application teams) to ensure alignment with ITGCs and related SOX requirements.