Security Analyst
Argyle Infotech
SOX Compliance Lead
Key Responsibilities:
- Lead the implementation of SOX IT controls across new technology projects and system development initiatives.
- Collaborate with project teams to embed control requirements into project plans, technical designs, and implementation roadmaps.
- Document SOX control design narratives and operating effectiveness testing for in-scope systems and tools.
- Serve as the subject matter expert (SME) for SOX compliance within the SDLC, providing guidance on control design, risk mitigation, and audit readiness.
- Coordinate walkthroughs, evidence collection, and control testing with internal and external auditors.
- Partner with Global Architecture, Engineering, and Product teams to assess the SOX impact of new technologies and system changes.
- Monitor and track remediation of control deficiencies, ensuring timely resolution and sustainable fixes.
- Support quarterly SOX certifications and management attestations related to new systems and changes.
- Maintain centralized documentation and evidence repositories to support audit and compliance activities.
- Provide regular reporting and metrics on SOX SDLC program health, control coverage, and remediation status.
- Educate and train project teams and control owners on SOX requirements and best practices.
Qualifications:
- 5+ years of experience in IT Audit, Security GRC, or SOX compliance, with a strong focus on SDLC, access management, and change management controls.
- Big 4 or equivalent IT Audit experience required, with demonstrated expertise in evaluating ITGCs and application controls.
- Deep understanding of SOX Section 404, including risk assessment, control design, and testing methodologies.
- Proven experience defining, documenting, and implementing SOX controls in system development and project environments.
- Strong knowledge of ITGC domains: access controls, change management, IT operations, and SDLC.
- Familiarity with retail systems (e.g., Oracle EBS, RMS, OMS, WMS) and their SOX implications.
- Experience with cloud platforms (AWS, Azure), SaaS applications, and their impact on SOX compliance.
- Ability to collaborate with stakeholders and control owners to drive accountability and ownership for technology controls and facilitate an environment of continuous compliance.
- Proficiency with GRC tools such as ServiceNow, Jira, or Archer for managing change and compliance workflows.
- Strong communication and stakeholder engagement skills, with the ability to influence cross-functional teams.
- Ability to manage multiple priorities in a fast-paced, global environment.
- Professional certifications such as CISA, CPA, CISSP, or CIA are required.
Must Haves:
- Acknowledges the presence of choice in every moment and takes personal responsibility for their life.
- Possesses an entrepreneurial spirit and continuously innovates to achieve great results.
- Communicates with honesty and kindness and creates the space for others to do the same.
- Leads with courage, knowing the possibility of greatness is bigger than the fear of failure.
- Fosters connection by putting people first and building trusting relationships.
- Integrates fun and joy as a way of being and working, aka doesn’t take themselves too seriously.
Vacancy posted more than 2 months ago
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security Analyst. Be the first to apply!
