
IT Security, SOX Specialist
Posted 2 hours ago

This is a fully remote position, open to applicants in United States.
• Lead and manage the IT General Controls (ITGC) program to ensure compliance with SOX regulations across all systems, which includes control testing, evaluation of deficiencies, and tracking remediation efforts.
• Plan and implement ITGC risk assessments, control documentation, walkthroughs, and testing activities related to access management, change management, and IT operations.
• Assess control design and operational effectiveness; identify deficiencies, evaluate risk impact, and collaborate with technology stakeholders on remediation strategies.
• Monitor the progress of remediation efforts, verify corrective actions, and escalate any unresolved risks in line with governance expectations.
• Act as the main point of contact with Internal Audit and external auditors, facilitating SOX and other external audit requests while ensuring timely, audit-ready deliverables.
• Create executive reports detailing control performance, deficiencies, and overall compliance status, while fostering continuous improvement and control maturity.
• Collaborate with IT stakeholders to gather evidence, clarify control executions, and assist with remediation activities.
• Aid the CISO in the implementation of internal security policies and provide necessary support for monitoring, remediation, and enhancement of these policies and procedures.
• Oversee security monitoring, coordinate incident response, manage vulnerability management, and govern access activities.
• Ensure that appropriate security controls are integrated into the system development lifecycle (SDLC), cloud deployments, and infrastructure operations.
• Develop metrics, dashboards, and executive reports related to security posture and compliance status.
• Work collaboratively across Infrastructure, Application Development, and Shared Services teams.
• Foster a culture of security awareness and compliance throughout the organization.
• Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field.
• Over 5 years of experience in information security, IT audit, compliance, or risk management.
• More than 3 years of experience managing SOX ITGC compliance programs.
• Strong understanding of SOX ITGC controls, access management and identity governance, change management processes, IT operations controls, and risk management frameworks.
• Experience working with both internal and external auditors.
• Proficient in engineering security solutions in both on-premises and cloud-based environments.
• Excellent project management, organizational, and analytical skills.
• Strong communication and stakeholder management skills.
• Comprehensive healthcare coverage, including Medical, Vision, and Dental.
• 401k plan with a 4% company match, with immediate 100% vesting.
• Life, disability, and supplemental insurance options.
• Opportunities for growth and professional development.
• Wellness benefits, including an Employee Assistance Program.
• A work/life balance with a generous time-off policy, including PTO and paid holidays.
• Dependent Daycare flexible spending account.
• Paid parental leave.
• Commuter account available.
• A sabbatical every 7 years.
• Summer Fridays, allowing early leave at 2:00 PM every Friday from Memorial Day to Labor Day.