IT Risk & Control Analyst

Job Description

About The Role We are now looking for a Specialist, Risk Control (RC) in our CoE to support RC with SOx testing of IT General Controls and Application controls. You will be directly working on testing internal controls to support SOX302 attestation. The RC IT SOx Specialist is also a subject matter expert, responsible for advising the Risk team on controls design, deficiencies evaluation and improvements across multiple processes from SOx testing standpoint. A successful risk professional requires a dynamic personality and ability to adapt in a rapidly changing environment. B. responsible: key areas of responsibility will include, but are not limited to: Support testing end to end: Design and execute the day-to-day testing activities of IT and application controls, with a focus on regulatory/compliance (SOX) related risks Collect, analyze, and interpret information to assess and conclude on each assigned testing area with clear concise documentation Identify gaps in design and execution, and communicate issues and recommendations to RC team and control owners Develop and maintain comprehensive documentation including process walkthrough documentation, control testing documentation and any others required Collaborate and partner with RC by providing guidance and ensuring that critical SOx controls are adequately designed and documented, in order to strengthen the control environment, mitigate the company risks and support the business in achieving objectives Collaborate participate within RC to continuously improve the RCs capabilities and governance from SOX testing standpoint B. skilled: The ideal candidate will have a strong background in IT Risk Management, IT Frameworks, Governance and Controls, Segregation of Duties 4+ years of experience gained within IT compliance, internal controls, internal/external audit, including experience leading teams in an international environment Strong experience with designing and/or testing IT General Controls and automated process controls Understanding of and experience with risk management relevant fields and frameworks, including SOx, COSO, and COBIT Strong working knowledge of SOX Ability to multitask and successfully manage multiple priorities and projects Strong work ethic, enthusiastic, self-starting, adaptable and enjoys change in a super engaged team Able to work independently autonomously, while still being a strong team player Fully comfortable working in English, both written and spoken Professional certification, such as CISA/CRISC/CIA (or similar), would be an advantage Relevant Bachelors degree required Preferential: Experience designing and/or testing controls around in-house built software Experience in technology-based product development / DevOps processes Experience in large e-commerce or tech companies Experience in auditing SAP or other ERPs Key Skills Strong working knowledge of SOx Professional certification, such as CISA/CRISC/CIA (or similar), would be an advantage 4+ years of experience gained within IT compliance, internal controls, internal/external audit, including experience working with teams in an international environment Strong understanding of design assessment and operating effectiveness assessment ofIT controls, and interface controls.