Job Responsibilities include but not limited to, Manage timely performance of control assessments, review of control supporting evidence as second line of defense Actively assist in annual IT Risk Assessment including the following: identification of all systems supporting key financial processes; assessment of controls (general and application) for key financial systems; assessment and/or development of test procedures, including assessment of control testers. Maintain IT Risk Control Matrix to document all key financial systems, controls and testing procedures. Ensure proper accounting of SOX documentation for ITGC to include IT Risk Control Matrix, ITGC Process Narratives, ITGC testing, issue evaluation and reporting. Identify opportunities and support automation in process and ITGC controls to improve the efficiency. Support coordination and perform testing and evaluation of IT systems and controls for SOX compliance in a predominately SAP environment. Support ISO 27001 certification evidence gathering and audit support Support efforts for ITGC training and documentation as needed. Work collaboratively with the IT teams and business units in remediating control deficiencies Evaluate third party SSAE 18 (SOC 1) and/or SOC 2 reports for compliance to system control requirements. Make recommendations for enhancement of IT system controls and process improvements. Work on projects to implement IT risk and control / compliance requirements for new systems. Provide timely and complete communications within the IT department, Internal Audit and Compliance including identification of ITGC issues and exceptions. Serve as liaison to internal and external auditors for ITGC testing and other compliance initiatives. Ability to work on multiple projects, balancing a mix of resources, due dates and requirements. Develop and foster effective working relationships within IT at each of the Divisions as well as key Business, Internal Audit and Compliance personnel. Work collaboratively with necessary stakeholders and teams for GDPR compliance and implementation. Work closely with owners of the Access Control, Release Management, Change Management and Vendor Management processes to ensure compliance with the ITGC Framework. As assigned, perform a review of assigned SDLC key control deliverables and advise Project Managers on SDLC risks and controls. Audit projects for SDLC and key control compliance. Besides the above responsibilities and duties, this position may require to take up additional responsibilities as assigned. Show more Show less