SOX IT Manager

The Enterprise Compliance and Controls group is primarily responsible for managing the company-wide Sarbanes-Oxley (SOX) Section 404 program. This role focuses on systems and technologies that support the financial processes relevant to SOX. The role reports to the Senior IT Manager of Enterprise Compliance and Controls and is primarily responsible for planning, coordinating, and executing company-wide IT SOX Compliance efforts and, other special projects.

Responsibilities:

The position will be responsible for the following key functions:

• Plan, coordinate, and execute SOX 404 walkthroughs and testing of IT General Controls (ITGCs) across all segments
• Plan and manage SOX deliverables, including partnering with process and control owners to coordinate control documentation updates, testing, remediation, and control deficiency evaluation
• Identify IT risks and process improvement opportunities
• Provide technical and quality oversight regarding IT risks and controls and technologies
• Articulate and communicate complex issues and required action plans to internal management and external stakeholders
• Partner with Enterprise IT to ensure that third party service providers are compliant with SOX requirements
• Assist Senior Manager in reviewing system implementations/ enhancements to be implemented during freeze periods to assess risks and potential impact to the SOX key controls
• Review conflicts to ensure TWDC maintains the appropriate segregation of duties and approving access to sensitive job roles within SAP
• Develop and implement enhanced Company-wide controls and processes as recommended by Management Audit or Enterprise Finance Processes
• Review testing work papers prepared by staff and provide coaching when needed
• Prepare executive presentations and lead quarterly SOX meetings with Segment SOX representatives
• Support Senior Manager on IT special projects and continuous improvement initiatives

Basic Qualifications:

• Minimum experience of 5 years in internal or external auditing, with emphasis on IT auditing, preferably with a large multi-national company or accounting firm
• Two or more years of experience in leading and managing staff, including managing and mentoring them, providing performance feedback, and monitoring of workloads of the team
• A strong understanding of the ITGC areas and the IT governance framework (COBIT)
• Candidates should be able to understand, assess and prioritize risks across the components of the IT environment (application, operating system, and database)
• The ability to understand complex financial applications and security policies is required
• Must possess good quantitative and analytical skills
• Must possess good interpersonal skills to build business relationships
• Must be able to interact with all levels of management
• Ability to work in a highly organized and efficient manner, and a driver that can take projects to completion in a timely manner.
• Demonstrated track record of process improvements and desire to implement best practices

Education:

• Bachelor’s degree is required in a related field; information systems, computer science, business, finance, or accounting
• One of the following professional certifications required: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professionals (CISSP); Certified Information Security Manager (CISM) or Certified Information Privacy Professional (CIPP)