Senior IT Controls Analyst

• Document IT General Controls: Develop and maintain detailed documentation of IT general controls, including access controls, change management, system operations, and disaster recovery, to ensure compliance with SOX and other regulatory requirements.

• Create Swim Lane Diagrams: Design and update swim lane diagrams to clearly outline the process flows for IT controls, ensuring accurate visualization of key steps, roles, and responsibilities.

• Ensure Compliance with SOX Requirements: Work closely with compliance teams, internal audit, and external auditors to ensure all IT general controls are aligned with SOX compliance mandates.

• Collaborate with IT Teams: Partner with IT operations, infrastructure, development, and security teams to gather information on system architecture, software implementations, and control processes to produce accurate documentation.

• Assist with Control Testing: Support the testing of IT general controls during internal and external audits by providing clear documentation and walkthroughs of control processes.

• Review and Update Control Documentation: Regularly review IT control documentation to ensure accuracy and compliance with changing SOX requirements, system upgrades, or changes in processes.

• Develop Control Narratives: Create and maintain control narratives that describe the purpose, function, and implementation of IT general controls within the organization.

• Support IT Audits: Assist in the preparation for IT audits by providing accurate and up-to-date documentation, including system architecture, process flows, and control evidence.

• Training and Knowledge Sharing: Provide training and guidance to IT and business teams on SOX IT control requirements and documentation best practices.

Technical Knowledge and Understanding:

• Familiarity with enterprise software environments, system architecture, and software development life cycle (SDLC).

• Proficiency in tools such as Microsoft Visio or similar for creating process diagrams and swim lanes.

• Experience with governance, risk, and compliance (GRC) tools and platforms.

• Solid understanding of IT operations, networks, databases, and system security.

• Bachelor’s degree in information technology, Computer Science, Information Systems, or a related field.

• 5+ years of experience working in IT general controls, SOX compliance, or IT audit roles.

• Strong understanding of SOX IT general controls, including access management, change management, and disaster recovery.

• Proven experience in creating detailed documentation and process diagrams, especially swim lane diagrams.

• Strong attention to detail and a methodical approach to documenting complex IT control environments.

• Excellent communication and interpersonal skills to collaborate effectively across multiple teams.

• Ability to manage multiple priorities and deliver high-quality work under tight deadlines.

• Certification in SOX, ITIL, CISA, or similar preferred.

• Experience working with internal or external audit teams preferred.