Information Technology (IT)/SOX Senior Internal Auditor - Hybrid
Posted 2025-04-22About the position
The Information Technology Internal Senior Advisor is a global role focused on leading IT general computing control testing support for Sarbanes-Oxley (SOX) and non-SOX environments. This position is part of the Internal Audit SOX/SOC Center of Excellence team and involves collaboration with organization-wide Technology teams to enhance SOX control and risk mitigation practices, identify control gaps, and support audit activities. The successful candidate will serve as a subject matter expert in audit best practices related to pharmacy benefit management (PBM) and corporate technology support functions.
Responsibilities
?? Execute key functions of Internal Audit's SOX/SOC oversight program for Evernorth
,
?? Coordinate testing oversight, evidence gathering, deficiency analysis, and additional testing in support of external and internal audit teams
,
?? Collaborate with Financial Compliance team and SOX office to assess scope and facilitate testing coverage
,
?? Meet frequently with control owners to assess compliance with audit requests
,
?? Collaborate with technical teams to interpret control requirements and assess design and operating effectiveness of key controls
,
?? Identify and communicate internal and external security/audit risks through analysis of control evidence
,
?? Assess the effectiveness of IT general controls, including system development, security, backup, disaster recovery, and maintenance controls
,
?? Review and provide feedback on scope changes to systems and infrastructure and integrate them into SOX testing strategy
,
?? Assist internal SOX testing team in execution of annual SOX test program
,
?? Perform and document testing over key IT general controls
,
?? Review and respond to internal and external data requests for regulatory audits
,
?? Assist with engagement planning, fieldwork, and reporting
,
?? Advise management on control implementation, remediation, and process changes, including follow-up on identified gaps
,
?? Develop and deliver risk and control awareness training
,
?? Prepare, review, and deliver documentation and reports for internal and external stakeholders
,
?? Influence senior and line management on risk and control matters
,
?? Manage and review the work of staff performing control assessments, providing feedback and improvement opportunities
,
?? Contribute to process improvements, including establishing continuous monitoring models and staying current on emerging technology trends
Requirements
?? Bachelor's degree in a related field with 10+ years of relevant experience preferred
,
?? Strong understanding of controls, risk, and audit methodology over information technology
,
?? Certifications such as CISA, CIA, CISM, or CISSP preferred
,
?? Expertise in executing regulatory compliance audits such as SOX and SOC1
,
?? Experience in auditing pharmacy benefit manager (PBM) and corporate functions preferred
,
?? Excellent written and verbal communication skills
,
?? Innovative enterprise mindset (self-starter, action-oriented, results-driven) and a proactive approach to improving internal processes
Nice-to-haves
Benefits
Apply Job!