Distinguished Programs

We're a National Program Administrator, serving brokers with specialized coverages.

IT Security, SOX Specialist

Security Engineer | Full Time | Remote | Senior | Team 201-500 | Since 1987 | H1B No Sponsor

Location

United States

Posted

2 days ago

Salary

$125K - $160K / year

Seniority

Senior

Bachelor Degree | 5 yrs exp | English | Cloud | SDLC

Job Description

  • Lead and oversee the IT General Controls (ITGC) program to ensure SOX compliance across all systems, including control testing, deficiency evaluation, and remediation tracking.
  • Coordinate and execute ITGC risk assessments, control documentation, walkthroughs, and test activities across access management, change management, and IT operations.
  • Evaluate control design and operating effectiveness; identify deficiencies, assess risk impact, and partner with technology stakeholders on remediation planning.
  • Track remediation progress, validate corrective actions, and escalate unresolved risks in accordance with governance expectations.
  • Serve as the primary liaison with Internal Audit and external auditors, supporting SOX and other external audit requests and ensuring timely, audit-ready deliverables.
  • Prepare executive reports on control performance, deficiencies, and overall compliance status, while driving continuous improvement and control maturity.
  • Coordinate with IT stakeholders to obtain evidence, clarify control execution, and support remediation activities.
  • Support the CISO in implementing internal security policies and providing required support to monitor, remediate, and improve the policies and procedures.
  • Manage security monitoring, incident response coordination, vulnerability management, and access governance activities.
  • Ensure appropriate security controls are integrated into the system development lifecycle (SDLC), cloud deployments, and infrastructure operations.
  • Develop metrics, dashboards, and executive reporting related to security posture and compliance status.
  • Collaborate cross-functionally with Infrastructure, Application Development, and Shared Services teams.
  • Promote security awareness and compliance culture across the organization.

Job Requirements

  • Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field.
  • 5+ years of experience in information security, IT audit, compliance, or risk management.
  • 3+ years of experience managing SOX ITGC compliance programs.
  • Strong understanding of: SOX ITGC controls, Access management and identity governance, Change management processes, IT operations controls, Risk management frameworks.
  • Experience working with internal and external auditors.
  • Experience engineering security solutions in both on-prem and cloud-based environments.
  • Strong project management, organizational and analytical skills.
  • Excellent communication and stakeholder management abilities.

Benefits

  • Great healthcare coverage including Medical, Vision, and Dental.
  • 401k with 4% company match. Immediately 100% vested.
  • Life, disability and supplemental insurance.
  • Growth and development opportunities.
  • Wellness Benefits including an Employee Assistance Program.
  • Work/Life Balance with generous time off policy including PTO and paid holidays.
  • Dependent Daycare flexible spending account.
  • Paid parental leave.
  • Commuter account.
  • A sabbatical every 7 years.
  • Summer Fridays (leave at 2:00 PM every Friday from Memorial Day to Labor Day).

More Security Engineer Jobs

Senior SailPoint App Security Specialist

IRIUM

Leaders in the management of integrated IT infrastructure and platform services.

Full Time | Remote | Team 501-1,000 | Since 2002 | H1B No Sponsor

  • Take part in the management and evolution of identity and access governance solutions
  • Ensure the security and integrity of corporate applications

Spain
€40K - €50K / year

SAILPOINT App Security Specialist

IRIUM

Leaders in the management of integrated IT infrastructure and platform services.

Full Time | Remote | Team 501-1,000 | Since 2002 | H1B No Sponsor

  • Take part in the management and evolution of identity and access governance solutions
  • Ensure the security and integrity of corporate applications

Spain
€32K - €40K / year

Security Software Engineer, IAM

Vercel

The platform for frontend developers. Creators and maintainers of Next.js.

Full Time | Remote | Team 201-500 | Since 2016 | H1B Sponsor

  • Own the full IAM strategy for both corporate and production environments - defining the roadmap, standards, and architecture end to end
  • Migrate Okta and all related IAM configuration to Terraform, driving infrastructure-as-code adoption and leveling up engineering teams in its use
  • Lead Vercel-on-Vercel and Vercel infrastructure cleanup initiatives, ensuring our internal systems reflect the same standards we sell to customers
  • Design and enforce least-privilege access controls across cloud, SaaS, and production infrastructure
  • Partner with platform and engineering teams to embed IAM best practices early in the design process
  • Build and manage MDM/MAM tooling to secure endpoint and mobile device access across the organization
  • Drive automation across provisioning, deprovisioning, and access review workflows
  • Serve as the IAM subject matter expert across Security, IT, and Engineering

All locations: California | New York
$208K - $312K / year

Security Awareness Analyst, Junior

ASAAS

We simplify collecting payments for individuals, MEIs, and large companies.

Full Time | Remote | Team 501-1,000 | Since 2010 | H1B No Sponsor

  • Support the execution of the company's Information Security awareness and culture program
  • Help create and write educational content, internal communications, newsletters, and support materials for awareness campaigns
  • Support the organization and logistics of training sessions, events, and talks on the topic
  • Track and extract reports from training and phishing-simulation platforms
  • Interact with employees to answer basic questions about good security practices, routing complex cases to the senior/mid-level team
  • Help keep the area's indicators and metrics spreadsheets constantly up to date

Brazil