Summary of Responsibilities

Job Summary:

The IT SOX Compliance Administrator III is responsible for ensuring the effectiveness and efficiency of IT controls and compliance with the Sarbanes-Oxley Act (SOX). This role involves managing IT governance, risk management, and compliance processes. Key responsibilities include conducting risk assessments, performing audits, and developing IT control frameworks. The position requires significant autonomy, problem-solving skills, and technical judgment to identify potential compliance issues and recommend corrective actions. The position possesses a strong background in IT controls, SOX compliance, and risk management, with the ability to coordinate with cross-functional teams and communicate findings to senior management

Responsibilities and Tasks (listed in bullet format) in order of priority to be successful

• Conduct periodic risk assessments and control reviews to identify gaps and recommend improvements to strengthen the IT control environment.

• Perform walkthroughs and testing of ITGCs and automated controls for SOX compliance

• Evaluate controls over areas such as access management, change management, system development, operations and configuration

• Document findings, identify control gaps, and work with IT and business teams to develop remediation plans

• Primary liaison coordinating with external auditors and internal stakeholders to ensure timely and accurate testing and reporting

• Assist in the maintenance of SOX documentation, including control matrices and process flowcharts

• Track and report remediation progress for identified control deficiencies

• Support continuous improvement of IT SOX compliance processes, including automation and risk-based scoping

• Support system implementation and upgrades by advising on control design and ensuring new systems meet SOX and DoD compliance requirements on Day 1

Education, Experience & License or Certification

• Bachelor's degree in information technology, computer science, business administration, accounting, or a related field.

• The ideal candidate will have 2-4 years of experience as an internal or external IT auditor

• Experience with ITGCs and application control design and evaluation is required

Skills and Abilities

• Hands-on knowledge of key ITGC domains including logical access, change management, systems development lifecycle (SDLC), data integrity, and operations controls

• Experience with ERP systems (Infor LN, Oracle, etc.), including control frameworks embedded in enterprise applications

Travel/Physical Requirements

• may require some travel

• Work is usually conducted in an office

#LI-AP1