Control Associate
Current· Support the SOX IT general control framework and related activities.· Confirm that the control frameworks are organized, maintained, and measured across the corporate IT environment.· Assist with our semi-annual audit cycle: User Access Reviews and SOC reviews.· Monitor and assess compliance with SOX requirements utilizing internal and external resources, including documentation of new processes and controls, updating existing processes and controls, and testing controls.· Assist the IT Controls Manager in making control processes more robust, secure, and efficient, especially user access reviews.· Request, obtain, review, and analyze a variety of artifacts to assist in executing IT controls testing such as security plans, SOPs, system screenshots, and system configuration settings· Continuous monitoring of change management practices, system access and security configurations throughout the organization.· Support responses on findings and deficiency assessments and help track follow-through on remediations.· Perform rigorous assessments of IT controls using industry-standard guidance, leading practices, and professional judgement.· Support risk-based IT and Information Security project audits in accordance with the annual audit plan.· Work collaboratively with business and corporate units to embed an understanding of the risk profile and risk appetite of the firm.· Summarize, document, and communicate IT controls assessment results to a variety of stakeholders, including senior leadership.