Plug Power is seeking an IT SOX Manager to work with teams across the company to identify and make recommendations on information technology risk and control optimization. The ideal candidate has prior IT auditor experience and is familiar with SaaS (Software-as-a-Service) Architecture, security, support and operations. The IT SOX Manager position involves defining a controls framework, assisting in conducting assessments, and providing consulting services to management and users on information and systems risk and compliance. This includes performing IT, financial, and operational audits in order to evaluate compliance with Plug Power and public sector policies and procedures.
Core Duties And Responsibilities
Conducts compliance assessments by understanding business objectives, structure, policies and procedures, internal controls, and external regulations
Conduct walkthroughs and test operating effectiveness of IT General Controls (ITGCs), IT application controls (ITACs), and Key Reports for complex applications such as SAP/4HANA, Salesforce, and Workday
Develops and maintains entity level controls (ELC’s)
Documents systems, processes and controls using narratives, flow charts, data flow diagrams, control designs, etc.
Performs risk assessment(s) using various industry standard frameworks
Assesses the effectiveness of internal controls over key IT risk
Coordination and collaboration with the internal business SOX team and critical stakeholder and liaison for external audit delivery
Identifies and recommends business process changes resulting in strengthened internal controls
Reviews testing approach and align expectations with control owners and external auditors to ensure key risks are addressed efficiently and that process changes are communicated and assessed timely
Liaison with IT stakeholders, IT Compliance, external auditors, third-party internal audit co-source partner, and other stakeholders as part of project management to ensure milestones are met
Facilitates communication with external auditors and serve as a liaison for IT stakeholders
Identifies and shares improvement opportunities to control owners on testing and documentation in performance of the controls
Escalates, researches, and assesses deficiencies identified and work with Management to identify an appropriate solution. Evaluate remediation activities and perform retesting to verify appropriate resolution
Identifies opportunities for enhancements in overall SOX program efficiency and effectiveness for centralization, standardization, and automation
Education And Experience
Bachelor's degree or equivalent in Business Administration, Computer Science, Information Systems, Mathematics, or related area of study
5+ years of general IT controls experience including supervisory experience
4+ years experience with assessing and testing IT controls for complex ERP systems to support audits.
Demonstrated knowledge and experience in Sarbanes-Oxley (SOX) general IT control areas. Big-4 experience preferred
Demonstrated experience leading an internal or external IT SOX audit or both
Domain expertise and experience in utilizing various methodologies and frameworks, including COBIT, NIST, COSO, ITIL, ISO
Experience and exposure to 27001/27002 and 27018, NIST 800-53, SOC 1 and SOC 2 Type 2 concepts, and knowledge of standard SEC rules and practices
Deep understanding of general security, process, and technology concepts, and practices
Excels in a fast paced and evolving environment
Demonstrated ability to solve problems, improve processes, and document findings
Ability to work both independently under general supervision and with a team; ability to take initiative and exercise strong independent judgment
Effective verbal and written communications, including active listening skills, and skill in presenting findings and recommendations
Ability to establish and maintain harmonious working relationships with co-workers, staff and external contractors/auditors, and to work effectively in a professional team environment
CBAP/CISA/CompTIA certifications desired
Exposure or working knowledge of SAP S/4HANA desired
Plug Power, Inc. is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
Estimated Base Salary Range
$96,800.00 - $154,900.00
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology
Industries
Industrial Machinery Manufacturing
Referrals increase your chances of interviewing at Plug Power by 2x