Core Responsibilities
• Perform IT General Controls (ITGC) and SOX 404 compliance testing across access management, change management, backup, and job monitoring areas.
• Conduct risk and control assessments to identify IT process risks and evaluate control effectiveness.
• Execute end-to-end IT audit activities – including walkthroughs, test planning, control evaluation, evidence collection, and reporting.
• Review ERP system controls (SAP, Oracle, Workday, or similar) focusing on application access, segregation of duties, and configuration integrity.
• Support internal and external audit teams in gathering data, coordinating walkthroughs, and tracking remediation progress.
• Prepare audit work papers, test scripts, control matrices, and management reports according to internal standards.
• Utilize GRC and analytics tools (RSA Archer, ServiceNow GRC, MetricStream, Power BI, ACL, IDEA) for audit execution and tracking.
• Participate in SOX compliance initiatives, including scoping, documentation, and periodic control validation.
• Maintain clear communication with process owners, control owners, and external stakeholders throughout the audit cycle.
• Support improvement initiatives in IT governance, compliance automation, and control maturity.
• Stay updated on emerging frameworks such as COSO, COBIT, NIST, and ISO 27001, and integrate them into testing methodologies.
• Ensure timely delivery of audit reports, compliance documentation, and project closure activities.
• Contribute to knowledge sharing, mentoring junior team members, and continuous process enhancements.