As a key member of the team, you will work closely with the IT department, internal audit teams, and external vendors to drive excellence in technology, cybersecurity, and regulatory audits. Reporting directly to the Senior Director of Cybersecurity & Compliance, you will be essential in optimizing operational processes, ensuring IT systems and controls meet the highest industry standards.
Key Responsibilities
- Possess a strong understanding of Sarbanes-Oxley and ITGC requirements.
- Oversee ITGC control activities, ensuring they meet deadlines, quality, and appropriateness across regional and global IT teams.
- Prepare summary compliance status reports for senior IT and business leaders.
- Update and create standard operating procedures to align with control performance expectations.
- Develop high-quality IT compliance deliverables, such as planning memos, audit drafts, periodic reports, and presentations.
- Identify opportunities for improvement to enhance risk management, governance, and control procedures.
- Ensure controls are effectively designed and implemented during system projects.
- Coordinate with internal and external auditors to ensure timely execution of IT audits.
- Collaborate with IT leadership to conduct pre- and post-implementation reviews of system changes or new implementations.
- Lead IT security audits (e.g., network, operating systems, and data centers), evaluating the effectiveness of risk mitigation strategies.
- Assess the efficiency of IT control processes related to operations, financial activities, and compliance.
- Work closely with audit teams (internal, external, or co-sourced) and IT leaders on planning and executing control testing for IT audits.
- Serve as a liaison between IT teams and audit groups.
- Partner with auditors to assess automated controls for internal financial reporting (ICFR) supported by IT systems.
- Collaborate with regional IT leaders to enhance control processes using automation to improve execution time and quality.
- Build and maintain strong relationships with stakeholders at all organizational levels, including external auditors.
- Engage in special projects, including due diligence and integration during acquisitions.
- 10-15 years of hands-on experience in SOX Compliance, particularly ITGC.
- 5+ years in senior auditing roles (or similar) within a Big 4 audit firm (EY, KPMG, PWC, or Deloitte).
- Strong leadership and communication skills, both written and verbal, with a proven ability to collaborate effectively.
- Bachelor’s degree in management information systems, computer science, or a related field.
- Certified Information Systems Auditor (CISA) preferred.
- Deep understanding of IT control frameworks, including information security, access management, change management, and IT operations.
- Familiarity with information security standards and applicable laws/regulations.
- Experience with third-party assurance reports (SOC1).
- Knowledge of technology domains like Windows, databases, networking, and UNIX (preferred).
- Ability to maintain a positive attitude in a fast-paced environment while embracing change.
- Strong analytical, problem-solving, and influencing skills to drive IT controls strategy and foster strong partnerships.
- Willingness to travel, both domestically and internationally, approximately 20%.
The Leonid Group Corporate Governance is a talent acquisition consultancy that specialises in the placement of Legal, Compliance, Trade Compliance & Ethics professionals on an international scale across the Americas, EMEA and APAC. Legal and compliance are both global, with teams worldwide, and our network reflects this. We work with multinational corporations to help structure their departments with the best people, from the Global Chief Compliance Officer and General Counsel to the Compliance Analyst and Trade Compliance Specialist.