Sr. IT Risk & Compliance Analyst

Bannockburn, IL

WHAT YOU’LL NEED:

Technical Requirements and Certifications »CISA, CISM, CIA, CPA certifications a plus.

Education and Experience »Preferred Education: in Bachelors or Equivalent.

Bachelor's degree in Information Systems, Computer Science, Accounting, Business or related technical discipline (or equivalent).

5+ years of relevant work experience.

Familiar with leading practice IT controls frameworks and audit methodologies and IT industry standards (e.g., COSO 2013, COBIT, ISO, CMM, ITIL, PCI, NIST, SSAE 18 SOC, etc.).

Strong understanding of regulatory concerns especially IT Sarbanes Oxley (IT SOX).

Intermediate knowledge of evaluating internal controls, developing recommendations, designing and implementing solutions.

Previous internal or external audit experience a plus.

SAP functional knowledge a plus.

Intermediate to advanced skills and hands-on experience in building tools and presentations with Microsoft Word, Excel, PowerPoint, Project, Access.

Knowledge, Skills and Abilities »Basic knowledge of project management principles (planning, organizing and managing assessment process).

Strong interpersonal skills with the ability to work effectively in a matrixed organization.

Ability to work with teams that are geographically distributed and work across different time zones.

Able to work in a fast-paced environment, both independently and lead a team.

Ability to manage and collaborate with onshore and offshore cross-functional teams.

Strong analytical ability, critical thinking, decision making, judgment and problem analysis techniques.

Excellent communication skills (verbal, written and listening).

Excellent time management, prioritization and multi-tasking skills.

Directing Others is good at establishing clear directions.

Sets stretching objectives.

Distributes the workload appropriately.

Lays out work in a well-planned and organized manner.

Maintains two-way dialogue with others on work and results.

Brings out the best in people.

Is a clear communicator.

Managing and Measuring Work clearly assigns responsibility for tasks and decisions.

Sets clear objectives and measures.

Monitors process, progress and results.

Designs feedback loops into work.

Building Cross-functional effective teams and blends people into teams when needed.

Creates strong morale and spirit in his/her team.

Shares wins and successes.

Fosters open dialogue.

Allows people finish and be responsible for their work, holds people accountable.

Defines success in terms of the whole team.

Total Work Systems (e.g., TQM/ISO/Lean/Six Sigma) Is dedicated to providing organization or enterprise-wide common systems for designing and measuring work processes.

Seeks to reduce variances in organization processes.

Delivers the highest-quality products and services which meet the needs and requirements of internal and external customers.

Is committed to continuous improvement through empowerment and management by data.

Leverages technology to positively impact quality.

Is willing to re-engineer processes from scratch.

Is open to suggestions and experimentation.

Creates a learning environment leading to the most efficient and effective work processes.

WHAT YOU’LL DO:

Job Responsibilities:Builds and maintains positive working relationships with stakeholders, including application, process and control owners along with management in support of IT Risk and Compliance processes and practices.

Participates in scoping activities for IT SOX applications, systems changes and business transformation projects.

Contributor to the design and implementation of enhancements for internal controls such as segregation of duties, change management, access management, IT operations, workflow and application configuration, etc.

Assists IT SOX process by validating that audit evidence is complete and accurate prior to providing to the auditors.

Identifies, communicates and coordinates efforts to resolve control exceptions.

Support control owners through the full management of IT SOX audit cycle, including assisting control owners through continuous improvement of controls, maintaining the IT SOX control framework, facilitating management prep sessions and helping to validate that audit evidence is complete and accurate prior to providing to the auditors.

Gains knowledge and understanding of SAP S/4, SuccessFactors, Salesforce, Descartes, Coupa, Concur and other legacy systems for IT SOX controls.

Performs targeted risk assessments and provide recommendations to Control Owners.

Reviews deficiencies identified during audit or internal assessments and collaborates with the IT Risk & Compliance team to develop and execute remediation plans.

Supports IT policy steering committee with senior level management to develop IT policies, provide guidance, ensure consistency and facilitate roll out and maintenance of corporate IT policies.

Supports IT GRC steering committee intend to continuously improve controls with senior level management.

Supports user entitlement reviews using homegrown tools built on Alteryx and Out systems.

Drive continual improvement of the IT SOX governance program through the development of training, facilitation of SOX auditors and creation of support materials and processes for Control Owners.

Assist management with remediation plan development, execution and support for control owners.

Participate in IT SOX walkthroughs, to act as knowledge resource and to gain an understanding of the current processes and controls.

Maintain status reports and key metrics to support the IT Risk and Compliance function.

Perform other duties and responsibilities, as assigned.

Please send/Email resumes:

lgironda@vsoftconsulting.com