IT SOX Control Analyst

About the Company:

Elsevier is a global leader in information and analytics, helping researchers and healthcare professionals advance science and improve health outcomes. Our technology teams use cutting-edge technologies to build products and systems that advance science and health. We provide our customers with powerful digital solutions, helping them to research the biggest problems facing the world today.

About the Role:

The IT SOX Control Analyst plays a pivotal role in ensuring the effectiveness of all IT controls throughout the organization. With a focus on conducting comprehensive audits and monitoring compliance, the team works collaboratively with both internal and external auditors to uphold the highest standards of SOX compliance.

Responsibilities:

1. Carry out audits of STM Sarbanes Oxley controls, including performing process walkthroughs, testing design, and operating effectiveness of IT General Controls (ITGCs).
2. Assist the business with the testing of IT Application Controls (ITACs).
3. Follow up remediation actions with deficiency owners to close any deficiencies identified, including re-testing.
4. Support monitoring and reporting of testing status and escalation of issues/deficiencies for senior management.
5. Maintain documentation and evidence of IT controls and processes to support audit requirements through the Archer.
6. Support opportunities to simplify and standardize existing Sarbanes Oxley controls.
7. Support One Fusion project from a control perspective and conduct the necessary testing for readiness for 2025.
8. Review SOC1 reports from 3rd party vendors.
9. Support creation/development of training materials and training sessions for control owners to promote awareness and adherence to SOX requirements.

Requirements:

1. 4+ years of experience in IT audit/assessment (SOX in ITGC and ITAC) - preferably in major ERP like Oracle.
2. Demonstrate the ability to apply key principles, practices, and techniques related to IT Audit – User Security, Program Change Management, and IT Operations.
3. Educated to degree-level, BS Engineering/Computer Science or equivalent experience preferred.
4. Prior experience in a technology/cloud company environment.
5. Solid understanding of audit methodology, enterprise technology infrastructure, agile application development & maintenance, and IT architecture.
6. Strong project management skills.
7. Detail-oriented approach to gathering audit evidence, reviewing, and documenting test information.
8. Strong communication skills, including the ability to interact effectively with both technical and non-technical colleagues, and proficiency in written, oral, and interpersonal communication.
9. Self-motivated with good organizational and time management skills.

Bonus experience:

1. Experience working in the big 4.
2. CISA qualification.