SOX Project Manager

Must Have Technical/Functional Skills

-Perform monthly and semi-annual access validations on SOX and non-SOX business applications.

-Oversee IT compliance, Access Management, change management, system operations and SDLC.

-Gather Access Data (user access list, Access Permissions/roles and environment

- Reconcile actual account permissions (REMOVE/deactivate, KEEP)

- Make corrections, once corrections are made (changes implemented) Gather a new access list

- Deep understanding of Management Assessment of internal Controls

- Looking for Experience in Active Directory and Understanding of QAR evidence preparation.

- Looking for Experience in internal and External Audit.

- Experience presenting SOX status reports and deficiency impacts to the Audit committee or CFO.

- Experience in Providing and Explaining the necessary evidence to both External and Internal Auditors.

- Proficiency in using GRC tools tools like Audit board, Service Now etc.

- Need to have a good understanding of the defencies raised by the Auditors and work with them in resolving.

- Need to coordinate and work with various applications team in doing the Periodic Reviews.

- Work with Engineering and finance teams to fix gaps, often by implementing automated workflow triggers.

Roles & Responsibilities

Need to have a good Experience in creating the weekly reports and monthly report for providing to Auditors

-Attend daily progress SCRUM meetings and provide updates on tasks

- Need to have a good understanding of the scoping of the applications and working on the Periodic Reviews

- Need to have good communication and experience in understanding the findings of Auditors for various applications supported by our team

Certifications needed
• PMP (Project Management Professional)
• CISA (Certified Information Systems Auditor)
• CISM (Certified Information Security Manager)
• CMA, ACA & CPFA

Generic Managerial Skills, If any
• Strong Communication Skill
• Create status reports and publish
• Coordination with multiple stake holders
• Coordinate with team across multiple towers
• Experience in connecting various stakeholders to gather evidence

Should have PM experience and have done stakeholder management
• Should have IT background, preferably IT application lifecycle
• Proficiency in using GRC tools like Audit board, Service Now etc.