- Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Internal Auditor (CIA), or equivalent.
- Minimum of 7+ years of professional working experience required in IT SOX compliance, IT audit, or a similar role. Experience setting up IT SOX work is very relevant.
- 2-3 years of Big 4 experience strongly preferred
Our client is a renowned and global maritime MNC with its global HQ based in Sgp (at Maple Tree Biz Park). The co has a flexi work arrangement and allows WFH 2 days in a week.
The group is seeking an IT SOX Manager to join the SOX Team with the responsibility to design and implement IT SOX controls to ensure compliance with Sarbanes-Oxley ("SOX") regulations for some of their US listed entities within the group.
Your primary focus will be on understanding end-to-end business processes and application data flows, and map them to existing IT General Controls ("ITGC"), IT application controls ("ITACs"), and business process controls, including identifying control gaps, documenting controls, testing operating effectiveness of controls and performing remediation of deficiencies identified. There is minimal travel required for this role. This role reports to the Global Head of Sox (based in Singapore).
Responsibilities:
- Leads the creation of a Risk Control Matrix to map controls to identified risks, ensure proper coverage and inventory of controls for each process, establish transparency and completeness of coverage with consideration on the controls frameworks such as COBIT, NIST, ISO 27000 and CIS
- Develops, directs and leads IT SOX compliance efforts, including review and tracking of IT controls design assessments, controls validation testing, and gap remediation according to Internal Audit concepts (Sarbanes-Oxley, COSO, and/or evaluations of systems of internal control) and SEC/PCAOB/SEC guidelines
- Maintains current understanding of IT audit/technology developments and emerging risks, and proactively identify IT risks and process improvement opportunities according to company-wide initiatives and changes
- Performs SOX testwork and advice to partners on policies and procedures, system implementations, regulatory and compliance requirements, application and infrastructure updates, cybersecurity, change management, asset management, business continuity and disaster recovery, and data privacy, etc.
- Collaborates with application owners to facilitate the onboarding process, providing guidance and support through the change management process to ensure proper alignment with SOX requirements, and oversees completion of required SOC 1/2 controls assessments, inventory of End User Computing (EUC) Tools and Models
- Assists with designing and deploying audit procedures and techniques for technical / IT areas such as segregation of duties and critical access, ERP configuration controls and other related areas
- Assists application owners in understanding the associated ITGC and ITAC controls for new applications being onboarded, and coordinate and conduct controls testing to assess the effectiveness and compliance of implemented controls
- Coordinates with Internal and External Auditors to support the SOX audits and reviews
Qualifications
- Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Internal Auditor (CIA), or equivalent.
- Minimum of 7+ years of professional working experience required in IT SOX compliance, IT audit, or a similar role. IT Sox exp is a plus but not a must.
- 2-3 years of Big 4 experience strongly preferred
- Added experience setting up IT SOX work from scratch or doing IT sox scoping work for a newly created function/ entity are highly preferred (but not a must)
- Has the experience of doing IT SOX work covering financial statements
- Strong analytical and problem-solving skills, with experience in utilising tools like Visio to visually represent application flows and identify controls from applications within the SOX scope, with experience in data analytics (e.g. ACL) and data extraction methods such as using Excel Macros, Python, R language, etc.
- Strong project management skills, with the ability to manage multiple priorities and deliver results within defined timelines
- Demonstrates excellent communication and interpersonal skills to lead and collaborate effectively with cross-functional stakeholders at all levels to create and understand comprehensive process flows, control matrices and effective completion of control documentation to facilitate mapping of upstream and downstream processes
- A diligent and effective manager who leads by example, demonstrates strong personal credibility and integrity, and works effectively as an integral part of the SOX team to achieve challenging and dynamic objectives
- Hands-on
- Has a stable cv
- Possess strong communication skills
- Thrive in a fast paced and global MNC setting
To apply, pl send your cv in word doc to [email protected]. Pl also include details on your current salary, expected salary and notice period in your cv.
We regret to inform that only shortlisted candidates will be notified.
Posted by:
CAP Consulting (EA license: 14C7175)
Caroline Poh (EA Registration: R1105649)
Date ad is posted - 23 July 2024
