• Principal – IT Compliance

    Job Locations US-PA-Newtown Square
    Posted Date 3 months ago (9/28/2018 8:46 AM)
    # of Openings
  • Overview

    The IT Compliance Principal will be responsible for the design and implementation of IT controls for systems and infrastructure supporting the various businesses, helping to create and implement effective IT governance processes (e.g. IT policies and procedures) as well as coordinating with management to remediate identified gaps to comply with SOX requirements. As IT controls become embedded into the control environment and stabilized for operating effectiveness, the IT Compliance Principal would also facilitate certain key initiatives to improve the management of IT security, availability, and processing integrity across the organization in support of our objectives and in response to key risks identified.


      • Work with IT process owners to ensure timely review and updates to IT process documentation and controls for new and/or existing systems relevant to financial reporting;
      • Maintain the IT control matrix and system scoping list in response to changes or outcomes from process/control walkthroughs;
      • Assist in coordinating, facilitating, and providing guidance on SOX compliance as it relates to financially relevant systems and their correlated IT processes. This includes working with stakeholders including, but not limited to, business owners, external auditors, and internal audit;
      • Coordinate with IT process and control owners to remediate identified exceptions and/or control gaps;
      • Assist with the development, implementation, management, and reinforcement of IT specific policies, procedures, and protocols that ensure repeatable, sustained SOX compliance within the organization;
      • Monitor and assist in activities such as user access provisioning/de-provisioning, access recertification, and change management as required;
      • Support project teams to meet SDLC control requirements for implementations and upgrades for all financially significant systems including but not limited to the Microsoft Dynamics suite and SAP (e.g. security and control, and/or optimizations of business process controls and application security);
      • Coordinate “steady-state” IT testing plans with the Internal Audit department;
      • Coordinate assessments to evaluate and define controls, security, and segregation of duties as it relates to system optimization, implementation and/or configurations, emphasizing the following areas:
          o Identifying key risks and controls, as well as configuration of controls around security
          o Working directly with systems integrators in developing business requirements and business controls in SAP-related and/or SAP GRC-related implementations and/or Microsoft Dynamics-related implementations. Drive controls implementation for customized in-house systems
          o Understanding the business, industry and/or technologies and leveraging extensive project management skills in relation to SAP and/or Microsoft Dynamics projects, including developing project plans and deliverables schedules




    • 5+ years’ experience managing IT control assessments for publicly traded companies subject to Sarbanes-Oxley regulatory requirements.
    • Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar qualification.
    • Experience performing IT control assessments for SAP and Microsoft Dynamics ERPs as well as Active Directory, and common infrastructure software (AIX, Linux, Oracle, SQL Server, etc.)
    • Knowledge of IPO readiness a plus
    • Accounting or IT audit experience in hospitality or consumer product industries is a plus
    • Fluency in Spanish is a plus
    • Ability to balance multiple priorities and meet deadlines  


