Job Description
Are you excited about driving SOX compliance in a fast paced, dynamic, tech-forward environment? Come join our Global Financial Risk and Controls (GFRC) controls team to lead the IT SOX program.GFRC oversees internal controls over financial reporting, subsidiary compliance, internal controls readiness, process improvements, and other enterprise compliance activities. We are a subject matter expertise team that builds, designs, and consults with control owners across the enterprise. This role will require a deep understanding and experience with all aspects of internal controls including financial information technology systems for a complex, high-growth stage, multi-disciplinary organization.We are currently looking for experienced candidates who have held similar positions in large public companies or who have held a similar position within the advisory practice of a Big 4 public accounting firm serving Fortune 500 clients for +8 years. Requirements for this position also include a deep knowledge the COSO 2013 framework and SEC/PCAOB regulations, as well as the demonstrated ability to design and monitor an effective global risk-based internal control environment. Additionally, demonstrated experience in working collaboratively to accomplish challenges will be expected as this is an ongoing requirement for this position. Key job responsibilitiesIT SOX Program Management• Executing on IT SOX controls strategies, including maintaining and improving program policies and procedures• Contributing to deep dives on IT process areas to define the set of risks and controls in addressing financial reporting risk• Driving continuous improvement of the IT SOX program through risk assessment updates, methodology enhancements, and process optimization• Supporting the quarterly 302 sub-certification process and related reporting• Assisting in the evaluation of identified control deficiencies and monitoring of remediation effortsCompany-Wide Initiatives• Supporting company-wide initiatives that impact ITGC control design and implementation• Assisting with system implementation and migration and respective SDLC controls• Evaluating control implications for enterprise-wide technology transformations, platform consolidations, and new system launches• Partnering with cross-functional teams to ensure ITGC requirements are embedded into large-scale organizational programsIT SOX Control Consultation (Design & Implementation)• Driving control design and implementation with engineering, business, and accounting teams• Providing ongoing support to process owners/control owners and cross-functional teams to ensure controls are designed and implemented effectively• Advising engineering teams on ITGC requirements for access management, change management, and IT operations controls• Consulting on control solutions that balance compliance requirements with operational efficiency and scalabilityExternal Auditor Management• Managing auditor inquiries and facilitating timely resolution of identified findings• Maintaining ongoing relationships with external audit teams to proactively address emerging IT control concernsAbout the teamGFRC team's key purpose is to preserve Amazon's financial reputation by promoting strong controllership that supports internal controls over financial reporting (ICFR) designed to provide reasonable assurance that Amazon's consolidated and statutory financial statements are complete and accurate. We partner closely with our global customers to identify and mitigate key financial reporting risks to achieve the company's control objectives. We do this by maintaining the overall ICFR framework in the GRC platform and supporting the teams responsible for designing, documenting, executing, and assessing their processes, systems, and controls in their respective business environments.
