IT Internal Control Specialist
IT Internal Control Specialist
40 hours per week
Temporary assignment (6 months)
About the role:
As a IT Internal Control Specialist you will act as the first line of defense to develop, monitor and challenge internal controls and risks within the IT Department. You will support to IT management and collaborate with Internal and External Audit to define, monitor, execute, analyze and enhance IT processes:
- Manage and drive compliance of Internal Controls over Financial Reporting (ICFR) program and Sarbanes-Oxley Act (SOX) requirements, focusing on IT General Controls and Application Controls for the IT Department.
- Monitor and Assess user access within key SAP Systems (including appropriateness of activity) to critical transactions and possible segregation of duty violations.
- Identify risks within new IT projects and develop plans to eliminate, control, or monitor them.
- Advise on IT components of business controls and projects.
- Make recommendations that add value and provide maximum payback to the business or process under review in an effort to drive adoption.
- Review/formulate/challenge procedures and processes to meet corporate governance, best practice, and internal control requirements.
- Work with IT department to assess and monitor IT General Controls (ITGC) and Application Controls, including:
- Control execution on a quarterly basis of various key controls over system access, system configurations, change management and computer operations.
- Ensure that controls executed by various control owners are performed timely and effectively documented to meet internal control standards / requirements.
- Perform risk assessments on the impact of control gaps.
- Monitor and Assess user access (including appropriateness of activity) to critical transactions and possible segregation of duty violations.
- Update critical access risks and segregation of duty violation criteria to reflect evolving technology and business models.
- Provide subject matter expertise to the IT Department on control design, implementation, execution, and standardization.
- Review new business and technology projects for IT, Compliance, and Security risks.
- Perform root cause analysis to identify opportunities for improvement and enhancement.
- Promote awareness on compliance issues or requirements.
- Review the suitability of internal control design (including the ability to conceptualize business requirements and related risks to identify possible automated controls).
- Assess ongoing compliance with policies and procedures.
- Liaise with Internal and External Auditors during the annual audit to provide evidence and explanations with respect to internal control compliance efforts.
- Work on special projects as deemed necessary.
Education and Experience:
- University degree in Information Systems, Business Administration, or other related field required.
- Prior experience includes 5+ years Information Systems / IT Auditing
- Experience working with SOX or similar ICFR frameworks from an IT perspective.
Knowledge, Skills and Abilities:
- Knowledge of COSO and COBIT internal control frameworks.
- Experience operating and/or auditing in an SAP environment, including SAP ERP, GRC, EWM, BW and BPC Systems.
- Ability to lead, facilitate, and organize diverse stakeholders to achieve business results.
- Strong analytical skills, process oriented, problem identification/solving skills and close attention to detail required.
- Excellent communication skills (written and verbal).
- Excellent organizational and interpersonal skills and a team player.
- Must be motivated, hands-on, a self-starter, be confident to ask for direction when required.
- Ability to communicate complex technical information to non-technical audiences.
- Demonstrated adaptability to change, continuous learning, and problem solving required.
- Proficiency with MSOffice Suite
- SAP ERP experience (GRC experience is a plus)
- Big 4 Experience is a plus
- Fluency in English language is required.
In case you feel like this could be the perfect fit, please contact me via e.smid(a)jpgray.nl and add your curriculum vitae so we can get in touch! Please take into account this is a temporary position for 6 months.