Delivering the most important & complex payments.

Senior SOX IT Analyst

AnalystAnalystFull TimeRemoteTeam 1,001-5,000H1B SponsorCompany Site LinkedIn

Location

Massachusetts

Posted

7 days ago

Salary

$100K - $130K / year

Bachelor Degree5 yrs expEnglishCyber Security

Job Description

• Liaise with the SOX Testing team (Internal Audit) and key stakeholders to ensure Flywire’s overall compliance with SOX Section 404 requirements. • Collaborate with various teams for all matters related to SOX IT General Controls (ITGC) • Respond to inquiries and escalations related to SOX ITGCs from internal and external auditors, ensuring timely resolution and clear communication • Work in lockstep with SOX team to ensure scope alignment and audit support • Drive efforts to improve SOX IT scoping strategies, develop a comprehensive understanding of applicable IT and business processes, and support the maintenance of integrated IT and business process, risk and control framework documentation • Consult on the control design and implementation of required and repeatable ITGCs with process owners to meet regulatory requirements, including for new products, processes and system implementation launches ensuring appropriate internal controls are in place prior to launch • Create and improve SOX ready documentation (e.g., narratives, flow charts, IT process & control descriptions) • Evaluate and track reported control deficiencies, root causes, and planned correctiveactions in conjunction with IT and business process owners to ensure timely and accurate resolution • Contribute to regular reports to senior leadership, and other stakeholders on the status of SOX IT compliance, control issues, and remediation progress • Strive to continuously improve the SOX program to be more efficient and effective through optimization and automation: Support the stand up of a continuous controls monitoring tool by ensuring SOX ITGC requirements are defined and in place to enable SOX readiness including automated ITGC evidence gathering and testing efforts • Support the integration of IT SOX controls with broader compliance initiatives, including PCI DSS, SOC2, and other regulatory requirements as needed • Serve as a subject matter expert on SOX ITGCs and provide guidance on ITGC-related matters thru cross functional discussions and workshops to foster a proactive risk management culture and alignment with SOX requirements and company objectives • Support training and communications as needed on relevant IT general control practices for the technology & cyber community • Stay abreast of evolving technology & cyber threats, news, and trends to enhance risk and control management strategies • Assist with special risk assessment and department initiatives, as assigned • Maintain procedures, playbooks, virtual webpages, and metrics dashboards surrounding SOX ITGC effectiveness

Job Requirements

Bachelor’s degree preferred in a technical field (e.g., Cybersecurity, Information Technology) or equivalent combination of education, training, and relevant experience
5+ years of relevant work experience in public accounting, internal auditing, and/or in SOX industry experience. Technology or Software industry experience preferred
Hands-on experience executing and managing cybersecurity assessments in a heavily regulated industry, including writing, documenting, and assessing risks/controls and drafting business process summaries for executives
Strong IT & security risk domain knowledge of technology and cybersecurity best practices, principles, tools, and industry control frameworks (e.g., SOX, GLI, NIST CSF, SOC2, PCI, CIS Critical Controls, COBIT, ITIL, CMMI)
Experience with designing testing approaches for ITGCs, ITACs, Interface Monitoring and related supporting controls
Understand the ITGC relationship with financial reporting to properly scope a SOX environment
“Anything Is Possible” attitude that is highly organized and results-driven to solve our most important challenges
Comfortable navigating shifting priorities in a fast-paced environment, with the ability to work independently with minimal supervision while also as an exceptional team player that excels at cultivating relationships and promoting collaboration and cohesiveness to fulfill our “We Are One Team” principle
Ability to translate risk/control standards into functional business requirements
Strong written and verbal communication skills to articulate risk/control insights to both technical and non-technical stakeholders
Proficient working with Google suite, GRC and project management tools (e.g., JIRA, AuditBoard, Netsuite)
Relevant professional certifications such as CISA, CISSP, CPA, CISM, or CRISC are preferred

Benefits

Competitive compensation
Employee Stock Purchase Plan (ESPP)
Flying Start - Our immersive Global Induction Program (Meet our Execs & Global Teams)
Wellbeing Programs (Mental Health, Wellness, Yoga/Pilates/HIIT Classes) with Global FlyMates
Competitive time off including FlyBetter Days to volunteer in your community and Digital Disconnect Days!
Great Talent & Development Programs (Managers Taking Flight – for new or aspiring managers!)