SOX Compliance Analyst

IT Audit & Compliance Analyst

The IT Audit & Compliance Analyst will serve as subject matter expert and is responsible for assisting the Director of Information Security in assessing, developing, implementing, maintaining, and monitoring Bonnell Aluminum’s IT compliance programs by providing guidance, support, analysis, and reports to IT management based on internal and external compliance requirements such as SOX and TISAX. This role will also heavily engage with IT management, staff, and departments outside Tredegar/Bonnell’s IT department, as well as Internal Audit and external auditors, in continuously identifying gaps, feasible resolutions and improvements to control weaknesses and opportunities in support of Bonnell Aluminum’s internal controls.

What You'll Be Responsible For:

Strategy & Planning

• Engage with IT management, staff, and teams outside Tredegar/Bonnell IT department, as well as Internal Audit, and external auditors, to identify feasible resolutions to control weaknesses and opportunities for improvement.
• Apply knowledge of operating systems, application development, change management, operations, networking and telecommunications, databases, business continuity, disaster recovery, physical and logical security to develop and assist in implementation and enforcement of security compliance policies and procedures, to reduce technical risk and increase operational efficiency.
• Utilize automated tools and services to support the security compliance program in analysis and accurately documenting work performed to support findings, conclusions reached, and recommendations made.
• Periodically monitor activities of audited area(s), control self-assessments, following-up to ensure continued compliance with applicable internal policies, procedures, and external regulations, including monthly, quarterly, and annual account and activity reviews where applicable.
• Drive audit finding recommendations to increase compliance and accountability among all partner and customer groups.
• Create efficiencies within the IT / Finance /Manufacturing Departments by streamlining processes and audits.
• Complete ad hoc assignments, projects, and audits.
• Periodically and during audit peak season, work extended hours past 5pm.
• Maintain proficient knowledge of applicable compliance statutes, audit regulations and interpretations.

What You'll Need to Have:

• At least 1 year of experience in IT Risk and Compliance audits, IT Assurance, Internal Audit, other audit controls related field or related IT audit work in public accounting.
• Work experience in administering and/or testing windows and/or Linux servers, Active Directory structures, Oracle or SQL databases, AS400, SAP and/or VMware environments.
• An understanding of PCAOB guidance on generally accepted practices for testing SOX IT General Controls, Business Process Controls, Key Reports, and Application Controls a plus.
• An understanding of TISAX a plus.
• Experience deploying and using GRC tools a plus.
• Exceptional client service and communication skills. Strong technical aptitude and problem-solving skills, excellent analytical, communication (written and verbal) and interpersonal skills.
• Effective project and time management skills for handling multiple priorities and simultaneous projects.
• Enthusiasm to learn through a combination of structured, on-the-job, and self-directed training.
• Ability to work efficiently and effectively in a complex and decentralized IT environment.
• Strong computer skills including proficiency in Microsoft Office suite applications.
• Must possess competence to understand and manage work/project obstacles and complexities, including work/project scope, key players, urgency, inherent risks, and business benefits.
• Ability to work additional hours and/or travel as needed.
• Bachelor's degree in Accounting, Finance, Information Technology, MIS, or related field. 
• A Desire to pursue CPA, CISA, CISSP, CIA or CISM license/certification.

What You'll Love About Us:

• Components of our Core: SAFETY; INTEGRITY; RESPECT; CELEBRATION; COMMUNICATION; TRUST; DIVERSITY; and ACCOUNTABILITY
• We’re People Leaders
• Competitive Salary
• Medical, Dental, and Vision Benefits
• Flexible and Dependent Care Spending Accounts
• 401(k) 
• Vacation Days
• Life Insurance
• Tuition Reimbursement