IT SOX Manager

We are a world-leading smart mobility SaaS company with over 2,000,000 subscribers across 23 countries and we are looking for a IT SOX Manager to join our team. Our teams are collaborative, vibrant and fast-growing and all team members are empowered with the freedom to influence our business with ideas that drive innovation and efficiency.

Responsibility: 

• Report to the Group Head, SOX Internal Controls and Risk.
• Define, implement and maintain the internal IT SOX controls framework to ensure compliance with requirements of SOX. This includes efforts around all internal controls over financial reporting (ICFRs) with a focus on IT General Controls (ITGCs) as well as IT Application Controls (ITACs). These will be performed in collaboration with stakeholders including Finance, Operations, Technology Services and Engineering.
• Assess deficiencies identified, work with stakeholders to recommend remediation plans/ strategies, and perform validation on remediation actions.
• Handle IT risk and control matters with internal and external parties.
• Perform risk-based assessments, understand, evaluate and advise the business environment and related IT internal controls.
• Coordinate and manage IT SOX testing with external auditors.
• Develop and maintain business relations with senior management, and be the trusted risk and controls advisor on IT-related matters.

Requirements: 

• A good degree in Engineering, Information Technology (IT) or related disciplines with IT focus.
• Professional certification (e.g., CISA, CISSP).
• 10-15 years of audit and risk advisory (including SOX) experience.
• Knowledge of programming languages (e.g., Python, Java, or C++).
• Proficiency in productivity tools (e.g., MS Word, Excel, PowerPoint).
• Excellent command of English.

Experience and knowledge in the following:

• Leadership skills with strong confidence for interaction with senior stakeholders.
• Knowledgeable with current industry standards such as COBIT.
• IT audit and control experience in Big 4 or leading organizations, with a focus on the technology and/or online internet economy sector.
• Demonstrated track record in leading engagements within a professional services or consulting environment, combined with ability to work effectively in teams.
• Good presentation skills, both oral and written.
• Able to work in a fast-paced environment.
• Excellent project management skills and a demonstrated ability to follow through and complete tasks within tight deadlines.
• Knowledge and understanding of internal controls, IT security controls, risk assessment, management and governance, fraud, auditing techniques and methodologies.
• Strong technical competencies and capabilities in audits of infrastructure, network and applications of different platforms managed by different departments or teams.
• Able to work independently, be a good team player, and be resourceful with good interpersonal and communication skills.
• Candidates with the above attributes and with CISA / CISSP certification, data analytics, and/or data science capabilities would have a strong advantage.
• Proven track record in assessing IT controls (networking, operating systems, systems software, information security, disaster recovery, system lifecycle and change management processes), conducting project reviews and performing data analytics.
• International exposure (US & APAC).