Job Description
Key Responsibilities

Control Design & Implementation:
- Develop, document, and implement IT general controls (ITGCs) and application-level controls in alignment with company policies and industry standards (e.g., COSO, COBIT).
- Collaborate with IT teams to integrate controls into new and existing systems and processes.

Control Testing & Monitoring:
- Execute and document testing of IT controls to ensure operating effectiveness for internal and external audits (e.g., SOX compliance).
- Perform continuous monitoring of key IT controls and systems.
- Identify and assess IT-related risks and control deficiencies.

Compliance & Audits:
- Serve as a primary point of contact for internal and external auditors during IT control audits.
- Manage evidence collection and review requests from auditors.
- Ensure compliance with relevant regulations and standards (SOX, ISO 27001, NIST, etc.).

Issue Management & Remediation:
- Investigate and analyze control deficiencies or audit findings.
- Work with process owners to develop actionable remediation plans.
- Track and report on the status of remediation activities to closure.

Reporting & Communication:
- Prepare clear and concise reports on the status of the IT control environment, key risks, and audit issues for management.
- Effectively communicate control requirements and best practices to technical and non-technical stakeholders.

Qualifications & Experience

Required:
- Bachelor’s degree in Information Systems, Computer Science, Accounting, Finance, or a related field.
- 3+ years of direct experience in IT auditing, IT internal controls, IT risk management, or IT compliance.
- Hands-on experience with SOX 404 compliance and testing of ITGCs (e.g., Access Security, Change Management, Computer Operations).
- Strong understanding of key IT processes and infrastructure (e.g., Windows, UNIX, databases like SQL/Oracle, network security).
- Proficiency in using GRC (Governance, Risk, and Compliance) platforms.

Preferred:
- Relevant professional certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), or CIA (Certified Internal Auditor) are highly desirable.
- Experience with cloud environments (AWS, Azure, GCP) and associated controls.
- Knowledge of frameworks such as COBIT, ITIL, NIST CSF, or ISO 27001.

Required Skills & Competencies
- Analytical Mindset: Strong analytical and problem-solving skills with the ability to assess complex processes and identify risks.
- Attention to Detail: Meticulous in control testing, documentation, and reporting.
- Communication Skills: Excellent verbal and written communication skills, with the ability to explain technical concepts to a non-technical audience.
- Project Management: Ability to manage multiple tasks simultaneously and meet deadlines.
- Collaboration: A team player who can build effective working relationships across IT and business functions.

Job Application Tips
- Tailor your resume to highlight relevant experience for this position
- Write a compelling cover letter that addresses the specific requirements
- Research the company culture and values before applying
- Prepare examples of your work that demonstrate your skills
- Follow up on your application after a reasonable time period