Senior SOX & IT Controls Analyst  offline

Senior SOX & IT Controls Analyst 

 Our client in the insurance industry is seeking two detail-oriented and proactive professionals to join their Information Risk Management team. This global role provides an opportunity to work closely with security, engineering, and infrastructure teams, gaining exposure to various technologies and high-visibility initiatives across multiple departments.

What is in it for you:

 • Salaried: $72 to $78 per hour.

 • Incorporated Business Rate: $87 to $92 per hour.

 • 12-month contract with the potential for permanent employment.

 • Full-time position: 37.50 hours per week.

 • Weekday schedule from 9 am to 5 pm.

 • Hybrid work: 3 office days, from Tuesday to Thursday.

 • Opportunity to work in a dynamic and professional environment.

 • Join a passionate and inclusive team of professionals.

Responsibilities: 

 • Assess people, processes, and technologies supporting information risk management metrics within the Path-to-Practice program.

 • Conduct risk and controls self-assessments for key ETS business processes, including Incident & Problem Management, Business Continuity, Disaster Recovery, Identity & Access Management, Cloud Management, IT Asset Inventory, Application Security, Vulnerability Management, Data Loss Prevention, Cryptographic Safeguards, Logging & Monitoring, and Network Security.

 • Evaluate and document processes and controls related to metric data sourcing, transformation, and reporting.

 • Review automation logic for risk metrics, identify gaps, and recommend process improvements.

 • Perform data validation and metric recalculations to ensure accuracy.

 • Provide informed recommendations using professional judgment and discretion.

 • Develop process narratives and standard operating procedures (SOPs) to ensure compliance with internal quality standards.

 • Utilize Microsoft Visio or Lucidchart to map process workflows.

 • Collaborate with Second Line Assurance and Internal Audit on projects impacting information risk metrics.

 • Stay current with emerging technologies and industry best practices to enhance credibility and effectiveness.

 • Work cross-functionally within and outside of ETS to achieve program objectives.

What you will need to succeed:

 • Bachelor’s degree in Information Systems, Computer Science, or Information System Auditing.

 • Professional certifications such as CISA, CISSP, CISM, GIAC, or CRISC preferred.

 • 3+ years of experience in Technology Audit, SOX IT Audit, or Technology Risk & Control Self-Assessments (RCSA).

 • Strong understanding of controls, audit processes, and risk management principles.

 • Knowledge of audit methodologies, control testing, risk assessment, and remediation efforts.

 • Excellent analytical and problem-solving skills with the ability to conduct client meetings, obtain evidence, and document findings independently.

 • Strong organizational abilities and attention to detail.

 • Effective written and verbal communication skills, with the ability to collaborate across multiple stakeholders.

Ideal Candidates will:

 • Have a background in IT audits and experience working with auditors and regulators.

 • Be skilled in developing risk metrics and conducting technology risk assessments.

 • Have exposure to IT risks and controls, with a strong understanding of related processes.