Senior IT SOX and Compliance Analyst
Irvine, CA, United States
Western DigitalWestern Digital, leaders in digital storage solutions compatible with Mac and PC. FREE shipping, friendly support, and 30-day return policy on storage products.
At Western Digital, our vision is to power global innovation and push the boundaries of technology to make what you thought was once impossible, possible.
At our core, Western Digital is a company of problem solvers. People achieve extraordinary things given the right technology. For decades, we’ve been doing just that. Our technology helped people put a man on the moon.
We are a key partner to some of the largest and highest growth organizations in the world. From energizing the most competitive gaming platforms, to enabling systems to make cities safer and cars smarter and more connected, to powering the data centers behind many of the world’s biggest companies and public cloud, Western Digital is fueling a brighter, smarter future.
Binge-watch any shows, use social media or shop online lately? You’ll find Western Digital supporting the storage infrastructure behind many of these platforms. And, that flash memory card that captures and preserves your most precious moments? That’s us, too.
We offer an expansive portfolio of technologies, storage devices and platforms for business and consumers alike. Our data-centric solutions are comprised of the Western Digital®, G-Technology™, SanDisk® and WD® brands.
Today’s exceptional challenges require your unique skills. It’s You & Western Digital. Together, we’re the next BIG thing in data.
We will consider qualified candidates within Southern California IF they can be onsite at our Irvine office 3 days per week.
Western Digital is looking for a Senior IT SOX and Compliance Analyst. This is an individual contributor role and will focus on IT SOX, PCI compliance, and other areas of compliance related to IT and security. The qualified candidate will have extensive experience and knowledge of IT General Controls (ITGCs), IT Application Controls (ITACs), PCI Compliance, and will have worked within a large corporation collaborating with IT, the business, and Internal and External Audit teams. The ideal candidate must be familiar with on premise and SAAS based IT platforms, especially ERP, financial, and HR systems. The ideal person will have setup and/or maintained the ITGCs, ITACs, System Development Lifecycle (SDLC), and other key controls as identified by our audit programs.
The Senior IT SOX and Compliance Analyst will be part of the IT Compliance team and serve a second line of defense function. This person will be responsible for the audit processes, managing IT SOX controls and projects that help the business achieve its financial, operational objectives, building and maintaining relationships with the internal and external audit teams, collection of evidence, and remediating exceptions and findings from audits. The role requires the ability to handle multiple concurrent projects using strong analytical skills, flexibility, and ingenuity. Strong interpersonal and communication skills (both written and verbal).
- Define and document the ITGCs for Sarbanes Oxley (SOX) 404 compliance. Partner with third party internal and external auditors to align on the appropriate control set that optimizes the trade-offs between risk and administrative costs.
- Manage internal testing of the ITGCs for SOX, including periodic access reviews, change management, SDLC audit, and other ongoing key controls.
- Work with IT process owners to identify/improve and document detailed controls for key application, security, and infrastructure components.
- Manage the preparation, planning, and execution of organization wide IT SOX control tests.
- Partner with all levels of IT and business management to ensure that SOX testing is conducted in a cooperative, timely, and efficient manner with value added reporting and cost-effective recommendations being provided to management to strengthen controls.
- Provide on-going organization wide guidance on IT control requirements and impact.
- Routinely summarize and communicate to affected IT and business management and control owners, control weaknesses identified during testing and share any insight into operations or suggestions for corrective actions and improvements that will drive increased efficiency while mitigating business risks.
- Review the adequacy of remediation plans in addressing risk and monitor remediation plan execution through the ‘deficiency closed’ phase.
- Ensure IT SOX compliance with corporate reporting submission standards and timelines.
- Prepare reports on findings and recommendations for policy, procedure, and internal control improvements.
- Create, direct, and/or perform the preparation and execution of security related IT control tests including IT segregation of duties reviews.
- Provide or assist in preparing and conducting IT focused internal controls training.
- Perform customary administrative tasks and responsibilities.
- Other assignments or special projects as requested by management.
- Coordinate with internal and external auditors as well as other key stakeholders on the SOX testing plan regarding ongoing testing of controls and provide support to ensure timely and smooth completion of SOX projects.
- Ensure compliance with PCI-Compliance, GDPR, and other compliance requirements for IT systems.
- 8+ years of relevant experience in the Information Technology Compliance/Audit/Security fields.
- Bachelor's Degree in Information Systems, Cyber Security, Accounting, Finance, Business Administration or related discipline.
- Knowledge and experience with diverse IT architectures and enterprise IT data centers, large-scale transaction processing environments, external hosted services and cloud computing environments.
- Experienced with control frameworks used in IT SOX, COSO, COBIT and how this applies to the achievement of IT SOX objectives - Technology Compliance and Information Security.
- Experience using risk management (GRC) tools such as ServiceNow GRC, RSA Archer, etc.
- Requires technical knowledge of IT controls and PCI compliance.
- Confidence/willingness to ask questions and raise issues/concerns in a timely manner.
- Must be able to multi-task, work efficiently under tight deadlines and proactively track and report progress.
- A positive, energetic, “can do” attitude that thrives on identifying issues and opportunities - we are looking for people who want to blaze their own trail and own their career.
- Sound professional judgment, critical thinking, and business acumen.
- Self-motivated to apply learned experiences and leverage best practices to deliver continuous process improvement.
- Excellent communication skills (interpersonal, intercultural, written and verbal) and superior client relation skills.
- Adept at navigating unstructured and fast paced work environment.
- Ability to isolate the root cause for control gaps, and able to identify and suggest viable solutions.
- Excellent data analysis skills leveraging Microsoft Office toolset (SQL, Excel, PowerPoint, Word, Visio).
- Big-4 public accounting audit experience is preferred but not required.
- Professional Certification is preferred (CISA, CISSP, SSCP, CPA, or equivalent).
- Primary work in an assigned office and/or home office environment.
- Being flexible and accommodating when working with people from different time zones across the world
Western Digital is committed to providing equal opportunities to all applicants and employees and will not discriminate based on their race, color, ancestry, religion (including religious dress and grooming standards), sex (including pregnancy, childbirth or related medical conditions, breastfeeding or related medical conditions), gender (including a person’s gender identity, gender expression, and gender-related appearance and behavior, whether or not stereotypically associated with the person’s assigned sex at birth), age, national origin, sexual orientation, medical condition, marital status (including domestic partnership status), physical disability, mental disability, medical condition, genetic information, protected medical and family care leave, Civil Air Patrol status, military and veteran status, or other legally protected characteristics. We also prohibit harassment of any individual on any of the characteristics listed above. Our non-discrimination policy applies to all aspects of employment. We comply with the laws and regulations set forth in the Equal Employment Opportunity is the Law poster.
Western Digital thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.
Western Digital is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at firstname.lastname@example.org to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
USA, CO, Colorado Springs … USA, CO, Colorado Springs (150 Vandenberg St) Full TimeSenior Senior-levelUSD 81K - 186K USD 81K+
Booz Allen Hamilton
Cyber Operations for Space Analyst and Technical WriterClearance Compliance Computer Science ConOps DoD DoDD 8140 +5
401(k) matching Career development Equity Flex hours Flex vacation +4
Allen, TX, United States Allen, TX, United States Full TimeSenior Senior-levelUSD 52K - 98K * USD 52K+ *
CFC (Cyber Fusion Centre) Sr. Threat Detection Analyst I - US REMOTE ONLYAgile CERT Firewalls GIAC IDS Intrusion detection +9
401(k) matching Career development Competitive pay Equity Flex hours +5
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open SOC Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Chief Information Security Officer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Staff Security Engineer jobs
- Open Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Security Operations Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Security Architect jobs
- Open o365 Security Architect jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior SOC Analyst jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Governance-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open CISA-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open Kubernetes-related jobs
- Open DevOps-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open DoD-related jobs