Sox Compliance Manager

Service Line: SOx Compliance Operations

Role:Access Management & Compliance Analyst

RESPONSIBILITIES

1. SOX Compliance Operations

Support day-to-day IT SOX compliance activities, including application and infrastructure controls.

Collaborate with IT System Owners to ensure the quality, consistency, and operational effectiveness of new and existing controls.

Review and validate control evidence to ensure accuracy, completeness, and precision of control execution.

Provide timely updates and status reporting in BAT audit and compliance tracking tools.

Maintain awareness of changes in regulatory requirements and internal policies, ensuring ongoing compliance.

2. SOX Testing & Analysis

Perform data analysis and impact assessments on SOX-related datasets and reports.

Participate in SOX Design Effectiveness (DE) and Operational Effectiveness (OE) testing for access-related controls.

Review operational and test findings, escalating potential critical issues to the Compliance Manager.

Support periodic risk assessments related to IT and application controls.

3. Compliance Management & Stakeholder Engagement

Manage compliance discussions and escalations with internal stakeholders.

Work closely with service owners and third-party vendors to address and resolve remediation items.

Facilitate coordination between business, IT, and audit teams to ensure control compliance and operational alignment.

Support internal and external audits by providing required evidence and responding to audit inquiries.

4. Documentation & Process Improvement

Maintain, update, and evergreen internal operational documentation.

Participate in and contribute to continuous improvement initiatives to strengthen compliance operations.

Proactively identify potential gaps in BAU processes, analyze root causes, and suggest improvements.

Develop and recommend best practices, templates, and tools for control monitoring and reporting.

Document lessons learned from past audit findings and remediation efforts to prevent recurrence.

5. Training & Knowledge Sharing

Assist in training and educating stakeholders on SOX compliance requirements and control processes.

Share knowledge and guidance with team members to promote consistent execution of controls.

6. Reporting & Metrics

Track and report key compliance metrics and trends to management.

Support dashboards and reporting initiatives to provide visibility into control effectiveness and audit status.

Identify and highlight recurring issues or emerging risks through reporting.

REQUIRED QUALIFICATIONS & SKILLS

Proficiency in data analysis and reporting using tools such as Excel, Power BI, SQL, or other relevant BI tools.

Strong analytical, problem-solving, and attention-to-detail skills.

Excellent communication and interpersonal skills, with the ability to collaborate across multiple teams and stakeholders.

Ability to prioritize tasks, manage deadlines, and work independently with minimal supervision.

Proactive mindset, demonstrating the ability to identify gaps, suggest improvements, and think critically about compliance risks.

PREFERRED EXPERIENCE

Prior experience in SOX remediation, risk assessment, or audit liaison roles.

Knowledge of industry best practices in IT governance, risk, and compliance (GRC).

Experience working in a multinational or complex IT environment.

Familiarity with automation and process improvement initiatives in compliance operations.

Experience in operation or managing internal process and compliance controls against defined IT processes.

Exposure to IT identity management solution is preferred.