Plug Power
IT SOX Audit Manager
Plug Power, Latham, New York, United States, 12110
IT SOX Audit Manager
Status: Exempt (Salaried)
Department: IT
Position Summary
Plug Power is seeking an IT SOX Manager to work with teams across the company to identify and make recommendations on information technology risk and control optimization. The ideal candidate has prior IT auditor experience and is familiar with SaaS (Software-as-a-Service) Architecture, security, support and operations. The IT SOX Manager position involves defining a controls framework, assisting in conducting assessments, and providing consulting services to management and users on information and systems risk and compliance. This includes performing IT, financial, and operational audits in order to evaluate compliance with Plug Power and public sector policies and procedures.
Core Duties and Responsibilities
Conducts compliance assessments by understanding business objectives, structure, policies and procedures, internal controls, and external regulationsConduct walkthroughs and test operating effectiveness of IT General Controls (ITGCs), IT application controls (ITACs), and Key Reports for complex applications such as SAP/4HANA, Salesforce, and WorkdayDevelops and maintains entity level controls (ELC's)Documents systems, processes and controls using narratives, flow charts, data flow diagrams, control designs, etc.Performs risk assessment(s) using various industry standard frameworksAssesses the effectiveness of internal controls over key IT riskCoordination and collaboration with the internal business SOX team and critical stakeholder and liaison for external audit deliveryIdentifies and recommends business process changes resulting in strengthened internal controlsReviews testing approach and align expectations with control owners and external auditors to ensure key risks are addressed efficiently and that process changes are communicated and assessed timelyLiaison with IT stakeholders, IT Compliance, external auditors, third-party internal audit co-source partner, and other stakeholders as part of project management to ensure milestones are metFacilitates communication with external auditors and serve as a liaison for IT stakeholdersIdentifies and shares improvement opportunities to control owners on testing and documentation in performance of the controlsEscalates, researches, and assesses deficiencies identified and work with Management to identify an appropriate solution. Evaluate remediation activities and perform retesting to verify appropriate resolutionIdentifies opportunities for enhancements in overall SOX program efficiency and effectiveness for centralization, standardization, and automation
Education and Experience
Bachelor's degree or equivalent in Business Administration, Computer Science, Information Systems, Mathematics, or related area of study5+ years of general IT controls experience including supervisory experience4+ years experience with assessing and testing IT controls for complex ERP systems to support audits.Demonstrated knowledge and experience in Sarbanes-Oxley (SOX) general IT control areas. Big-4 experience preferredDemonstrated experience leading an internal or external IT SOX audit or bothDomain expertise and experience in utilizing various methodologies and frameworks, including COBIT, NIST, COSO, ITIL, ISOExperience and exposure to 27001/27002 and 27018, NIST 800-53, SOC 1 and SOC 2 Type 2 concepts, and knowledge of standard SEC rules and practicesDeep understanding of general security, process, and technology concepts, and practicesExcels in a fast paced and evolving environmentDemonstrated ability to solve problems, improve processes, and document findingsAbility to work both independently under general supervision and with a team; ability to take initiative and exercise strong independent judgmentEffective verbal and written communications, including active listening skills, and skill in presenting findings and recommendationsAbility to establish and maintain harmonious working relationships with co-workers, staff and external contractors/auditors, and to work effectively in a professional team environmentCBAP/CISA/CompTIA certifications desiredExposure or working knowledge of SAP S/4HANA desired
Plug Power, Inc. is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
Estimated Base Salary Range:
$96,800.00 - $154,900.00
"Plug Power Inc. prides itself on being an Equal Employment Opportunity (EEO) Employer. Neither the Company, nor any of its representatives, will discriminate against an applicant for employment or an employee because of race, creed, color, religion, sex, sexualorientation, gender identity, transgender status, national origin, ancestry, age, physical or mental disability, genetic information, predisposition or carrier status, marital or familial status, domestic violence victim status, military or veteran status, known relationship or association with any member of a protected class, or any other characteristic protected under applicable law. "
Minimum Salary: 31200.00 Maximum Salary: 31200.00 Salary Unit: Yearly
Status: Exempt (Salaried)
Department: IT
Position Summary
Plug Power is seeking an IT SOX Manager to work with teams across the company to identify and make recommendations on information technology risk and control optimization. The ideal candidate has prior IT auditor experience and is familiar with SaaS (Software-as-a-Service) Architecture, security, support and operations. The IT SOX Manager position involves defining a controls framework, assisting in conducting assessments, and providing consulting services to management and users on information and systems risk and compliance. This includes performing IT, financial, and operational audits in order to evaluate compliance with Plug Power and public sector policies and procedures.
Core Duties and Responsibilities
Conducts compliance assessments by understanding business objectives, structure, policies and procedures, internal controls, and external regulationsConduct walkthroughs and test operating effectiveness of IT General Controls (ITGCs), IT application controls (ITACs), and Key Reports for complex applications such as SAP/4HANA, Salesforce, and WorkdayDevelops and maintains entity level controls (ELC's)Documents systems, processes and controls using narratives, flow charts, data flow diagrams, control designs, etc.Performs risk assessment(s) using various industry standard frameworksAssesses the effectiveness of internal controls over key IT riskCoordination and collaboration with the internal business SOX team and critical stakeholder and liaison for external audit deliveryIdentifies and recommends business process changes resulting in strengthened internal controlsReviews testing approach and align expectations with control owners and external auditors to ensure key risks are addressed efficiently and that process changes are communicated and assessed timelyLiaison with IT stakeholders, IT Compliance, external auditors, third-party internal audit co-source partner, and other stakeholders as part of project management to ensure milestones are metFacilitates communication with external auditors and serve as a liaison for IT stakeholdersIdentifies and shares improvement opportunities to control owners on testing and documentation in performance of the controlsEscalates, researches, and assesses deficiencies identified and work with Management to identify an appropriate solution. Evaluate remediation activities and perform retesting to verify appropriate resolutionIdentifies opportunities for enhancements in overall SOX program efficiency and effectiveness for centralization, standardization, and automation
Education and Experience
Bachelor's degree or equivalent in Business Administration, Computer Science, Information Systems, Mathematics, or related area of study5+ years of general IT controls experience including supervisory experience4+ years experience with assessing and testing IT controls for complex ERP systems to support audits.Demonstrated knowledge and experience in Sarbanes-Oxley (SOX) general IT control areas. Big-4 experience preferredDemonstrated experience leading an internal or external IT SOX audit or bothDomain expertise and experience in utilizing various methodologies and frameworks, including COBIT, NIST, COSO, ITIL, ISOExperience and exposure to 27001/27002 and 27018, NIST 800-53, SOC 1 and SOC 2 Type 2 concepts, and knowledge of standard SEC rules and practicesDeep understanding of general security, process, and technology concepts, and practicesExcels in a fast paced and evolving environmentDemonstrated ability to solve problems, improve processes, and document findingsAbility to work both independently under general supervision and with a team; ability to take initiative and exercise strong independent judgmentEffective verbal and written communications, including active listening skills, and skill in presenting findings and recommendationsAbility to establish and maintain harmonious working relationships with co-workers, staff and external contractors/auditors, and to work effectively in a professional team environmentCBAP/CISA/CompTIA certifications desiredExposure or working knowledge of SAP S/4HANA desired
Plug Power, Inc. is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
Estimated Base Salary Range:
$96,800.00 - $154,900.00
"Plug Power Inc. prides itself on being an Equal Employment Opportunity (EEO) Employer. Neither the Company, nor any of its representatives, will discriminate against an applicant for employment or an employee because of race, creed, color, religion, sex, sexualorientation, gender identity, transgender status, national origin, ancestry, age, physical or mental disability, genetic information, predisposition or carrier status, marital or familial status, domestic violence victim status, military or veteran status, known relationship or association with any member of a protected class, or any other characteristic protected under applicable law. "
Minimum Salary: 31200.00 Maximum Salary: 31200.00 Salary Unit: Yearly