Information Technology (IT)/SOX Senior Internal Auditor - Hybrid
Posted 2025-03-15About the position
The Information Technology Internal Senior Advisor is a global role focused on leading IT general computing control testing support for Sarbanes-Oxley (SOX) and non-SOX environments. This position is part of the Internal Audit SOX/SOC Center of Excellence team and involves collaboration with organization-wide Technology teams to enhance SOX control and risk mitigation practices, identify control gaps, and support audit activities. The successful candidate will serve as a subject matter expert in audit best practices related to pharmacy benefit management (PBM) and corporate technology support functions.
Responsibilities
? Execute key functions of Internal Audit's SOX/SOC oversight program for Evernorth
,
? Coordinate testing oversight, evidence gathering, deficiency analysis, and additional testing in support of external and internal audit teams
,
? Collaborate with Financial Compliance team and SOX office to assess scope and facilitate testing coverage
,
? Meet frequently with control owners to assess compliance with audit requests
,
? Collaborate with technical teams to interpret control requirements and assess design and operating effectiveness of key controls
,
? Identify and communicate internal and external security/audit risks through analysis of control evidence
,
? Assess the effectiveness of IT general controls, including system development, security, backup, disaster recovery, and maintenance controls
,
? Review and provide feedback on scope changes to systems and infrastructure and integrate them into SOX testing strategy
,
? Assist internal SOX testing team in execution of annual SOX test program
,
? Perform and document testing over key IT general controls
,
? Review and respond to internal and external data requests for regulatory audits
,
? Assist with engagement planning, fieldwork, and reporting
,
? Advise management on control implementation, remediation, and process changes, including follow-up on identified gaps
,
? Develop and deliver risk and control awareness training
,
? Prepare, review, and deliver documentation and reports for internal and external stakeholders
,
? Influence senior and line management on risk and control matters
,
? Manage and review the work of staff performing control assessments, providing feedback and improvement opportunities
,
? Contribute to process improvements, including establishing continuous monitoring models and staying current on emerging technology trends
Requirements
? Bachelor's degree in a related field with 10+ years of relevant experience preferred
,
? Strong understanding of controls, risk, and audit methodology over information technology
,
? Certifications such as CISA, CIA, CISM, or CISSP preferred
,
? Expertise in executing regulatory compliance audits such as SOX and SOC1
,
? Experience in auditing pharmacy benefit manager (PBM) and corporate functions preferred
,
? Excellent written and verbal communication skills
,
? Innovative enterprise mindset (self-starter, action-oriented, results-driven) and a proactive approach to improving internal processes
Nice-to-haves
Benefits
For more such jobs please click here!