Skills

Communication Stakeholder Management Attention to detail

Job Specifications

Job Title: Security Analyst III – IT SOX Compliance

Location: Allentown, PA

Work Model: Hybrid (In-office Tuesday, Wednesday, Thursday)

Job Overview

We are seeking an experienced Security Analyst III to support and enhance an enterprise-level IT SOX Compliance program. This role will focus on evaluating the effectiveness and efficiency of IT controls, identifying improvement opportunities, strengthening control execution, and driving automation where possible.

The ideal candidate will bring deep expertise in IT SOX, control frameworks, IT General Controls (ITGCs), and audit collaboration within large enterprise environments.

Key Responsibilities

IT SOX Program Effectiveness

Evaluate the overall effectiveness and efficiency of the IT SOX Compliance program.
Identify practical improvement areas to strengthen control design, execution, and documentation.
Recommend opportunities for control optimization and automation.

Control Narrative Authoring

Develop, maintain, and update detailed control narratives for:
IT General Controls (ITGCs)
Application controls
System development controls
Ensure documentation accurately reflects current control design and operating procedures.
Collaborate with internal stakeholders to validate control narratives and address documentation gaps.

SOX Impact Assessment for Applications

Assess new and existing IT systems and applications (including third-party solutions) for SOX relevance.
Perform risk assessments and scoping determinations for in-scope applications.
Recommend required controls and remediation actions to support SOX and ICFR compliance.

SOC 1 Review & Disposition

Partner with control owners to review SOC 1 reports for third-party service providers.
Assess control adequacy and determine SOX impact.
Document findings and recommend remediation actions for identified gaps.

Control Testing & Remediation

Perform operational effectiveness testing of IT controls.
Track, validate, and document remediation efforts through closure.
Advise management on appropriate corrective actions and monitor progress.

Compliance Reporting & Audit Support

Provide regular reporting to management on SOX compliance status, control effectiveness, and remediation activities.
Represent IT in interactions with internal and external audit teams.

Continuous Improvement & Enablement

Drive continuous improvements to increase compliance efficiency and control quality.
Train and mentor IT control owners to improve consistency and quality of control evidence.

Cross-Functional Collaboration

Work closely with infrastructure, application, and security teams to integrate controls into IT processes and solutions.
Promote knowledge sharing and best practices across teams.

Qualifications

Required:

10+ years of experience supporting enterprise IT SOX programs within large or Fortune 500–level organizations.
Strong understanding of SOX requirements, ITGCs, and control frameworks.
Proven experience authoring control narratives and performing SOX risk assessments.
Hands-on experience testing IT controls and managing remediation efforts.
Experience reviewing and assessing SOC 1 reports.
Excellent communication, analytical, and stakeholder management skills.
Strong attention to detail with the ability to manage multiple priorities.

Nice to Have

Experience driving SOX automation or control optimization initiatives.
Prior experience working closely with internal and external audit teams in complex environments.

Thanks

Shivam

Email - shivam.awasthi@motionrecruitment.com

About the Company

Motion Recruitment delivers IT Talent Solutions for Contract, Direct Hire, Managed Solutions and Statement of Work to all of North America from our 21 delivery centers. Our high-touch, specialized, team-based recruitment model’s success is proven through our exemplary track record in filling the most challenging IT positions for startup and enterprise clients alike. Our hyper-specialized tech focus results in a truly consultative approach for both our clients and candidates, within our recruiting areas of expertise: Software... Know more