We are seeking a detail-oriented SOX IT Risk & Assurance (RASS) professional to support the evaluation, testing, and documentation of internal controls over financial reporting (ICFR). The role focuses on SOX 404 compliance, IT General Controls (ITGCs), and control effectiveness across IT systems that impact financial reporting.
Roles and Responsibilities
- Perform SOX 404 testing of IT General Controls (ITGCs), including design and operating effectiveness
- Evaluate IT controls across access management, change management, IT operations, and application controls impacting financial reporting
- Support risk assessments and identify control gaps within ICFR environments
- Collaborate with internal audit, external auditors, and process owners to address control deficiencies
- Prepare and maintain audit-ready documentation and workpapers in line with SOX requirements
- Participate in walkthroughs, evidence collection, and control testing activities
- Provide recommendations to improve control design and operational effectiveness
- Track remediation efforts and validate implementation of corrective actions
Qualifications
- Bachelor’s degree in Accounting, Information Systems, Business Administration, or a related field
- 3–5 years of relevant experience in one or more of the following:
- Big Four accounting firms
- Large or complex internal audit functions
- Management consulting firms
- Strong experience in SOX 404 compliance and IT controls testing
- Knowledge of IT General Controls (ITGCs) supporting Internal Controls over Financial Reporting (ICFR)
- Understanding of IT control domains such as access management, change management, and IT operations