Here's What You'll Do
• Collaborate with partners and work with departmental team members to implement a SOX program focused on SOX ITGC & ITAC.
• In-depth knowledge of IT general controls:
o Access management
o Change management
o IT operations
o Application controls
o System interface controls
• Perform detailed analysis of key processes to document the design of SOX controls and identify design gaps for remediation.
• Work in a team environment and ensure all outcomes are met in the desired timeframe.
• Execute and track completion of Management Control Reviews (MCRs).
• Work with control owners to provide evidence for internal and external auditors.
• Participate in System and Organization Controls (SOC 1) documentation.
• Perform testing of key controls, validate/review any deficiencies with control owners and, as required, develop, validate, and track the remediation efforts.
• Review the ITAC (input controls, processing controls, output controls).
• Work with audit tools like AuditBoard and other tools like JIRA and Confluence.
What We'd Like to See
• Broad-minded, able to share information and connect with other teams and Informatica employees.
• A nature with varying environments and cultures. Excited about working with a GRC team that encourages cross-training and occasionally supporting other tasks inside the team (supplier trust, compliance efforts, training).
• Manage assignments and prioritize them.
• You can network with the departments even if you are not in the same office.
• Experience documenting and contributing to the development of security plans, compliance process flows and process creation.
Role Essentials
• 3+ years progressive experience in audit with SOX 404 experience.
• Bachelor's degree in computer science, management information systems, or related field.
• Industry certifications such as CISA.
• Demonstrated experience completing information security assessments for technology companies.
• 1+ years of experience doing assessment work in an IT Operations environment, i.e., security operations, server/network management, OS, databases.
• Experience with common security and privacy frameworks (i.e. ISO 27001, SOX IT Controls, SOC2 Trust Principles, PCI-DSS, HIPAA, GDPR, NIST 800-53, FedRAMP, CIS).
• Demonstrated knowledge of cloud environments.
• Demonstrated knowledge of assessment methodologies, tools, and JIRA.
• Minimum 2+ years of relevant professional experience.