IT Compliance SOX ITGC Lead

Description -

This role is responsible for ensuring the delivery of cost-effective and standardized IT solutions across multiple business entities as well as engaging in large-scale IT projects. The role actively participates in major IT initiatives, ensuring effective communication with stakeholders and integration of business and regional perspectives. The role initiates and cultivates relationships with influential decision-makers at the highest levels and key tactical leaders, advocating for IT best practices, and shaping strategic business planning with a pronounced IT influence. The role also provides mentorship to lower-level employees and ensures the realization of operational and strategic plans.
 

We are looking for visionaries who are ready to make an impact on the way the world works. At HP, the future is yours to create!

Role will be reporting to senior management of IT Compliance under the IT Risk Management and Compliance Division.

Responsibilities

As a Principal/Master level professional in IT General Control Framework management, you will be responsible for a range of high-impact activities designed to ensure the security, compliance, and efficiency of our IT operations. Key responsibilities include but are not limited to the following:

• Stakeholder Engagement:
  • Engage with IT teams, auditors, and legal departments as needed to facilitate smooth and effective communication.
  • Establish and maintain robust relationships with various IT support and business teams, leveraging deep business knowledge and acumen to drive improvements in IT engagement and compliance initiatives.
• Audit and Compliance Management:
  • Manage audit activities, ensuring all necessary documentation and evidence are provided to auditors.
  • Support the management with the delivery of action plans for audit issues raised, Audit, and SOX Controls testing.
  • Analyze SOC reports (e.g., SOC 1, SOC 2, SOC 3) to assess the effectiveness of service organizations' controls related to financial reporting, security, availability, processing integrity, confidentiality, and privacy.
• Control Implementation and Monitoring:
  • Ensure that approved IT General Controls are embedded in the current service lines and processes across the organization.
  • Conduct risk assessments to identify potential compliance risks and vulnerabilities within the SDLC process.
  • Develop mitigation strategies and controls to address identified risks and ensure effective management throughout the development lifecycle.
• Process Improvement and Automation:
  • Stay updated on relevant regulations and standards applicable to the industry, evaluating and recommending improvements to business practices, processes, and controls.
  • Open to implementing automation where possible to help improve processes and enhance efficiency.
  • Continuously assess and improve compliance processes, controls, and procedures to align with evolving regulatory requirements and industry best practices.
• Training and Development:
  • Develop and deliver training programs to educate development teams and other stakeholders on compliance requirements, best practices, and policies related to software development.
  • Foster a culture of compliance awareness and accountability within the organization.
• Project and Team Support:
  • Support the team manager with various activities to drive the various projects within the team to meet goals.
  • Review all project deliverables in accordance with the SDLC framework, ensuring they meet quality standards and compliance requirements.
  • Contribute as part of the second Line of Defense to the compliance of applicable laws and regulations, internal codes of practice/standards, and policy and procedures.
• Communication and Reporting:
  • Communicate specific IT decisions relevant to the IT support teams/business, ensuring clarity and alignment.
  • Facilitate securing management responses from respective IT leadership, meeting aggressive timelines, and delivering quality products.
  • Provide support to internal and external auditors and auditees, ensuring thorough and accurate documentation and reporting.
• Vendor and Third-Party Management:
  • Evaluate and monitor third-party vendors, suppliers, and partners involved in the software development process to ensure adherence to compliance requirements and contractual obligations.
• Continuous Improvement:
  • Solicit feedback from stakeholders and incorporate lessons learned into compliance initiatives to drive continuous improvement.

This role requires a highly skilled and experienced professional who can balance technical expertise with strong leadership and communication skills to ensure the successful management of IT General Controls across the organization.

Education & Experience Recommended

• Bachelor’s Degree: Business Administration, Management Information Systems, or a related field.
• Advanced Degree: A master’s degree is preferred but not required.
• Professional Certifications: CISA, CPA, CA, MBA, or PMP Certification preferred.
• Four-year or Graduate Degree in Computer Science, Information Technology, or any other related discipline or commensurate work experience or demonstrated competence.
• Typically has 10+ years of work experience, preferably in IT projects, process improvement, or a related field.

Knowledge & Skills
• Agile Methodology
• Automation
• Business Analysis
• Business Process
• Business Requirements
• Business Systems Analysis
• Computer Science
• Data Analysis
• Finance
• Marketing
• Process Improvement
• Project Management
• Salesforce
• SAP Applications
• Scrum (Software Development)
• SQL (Programming Language)
• Systems Analysis
• Systems Development Life Cycle
• User Story
• Workflow Management

Cross-Org Skills
• Effective Communication
• Results Orientation
• Learning Agility
• Digital Fluency
• Customer Centricity

Impact & Scope
• Impacts large functions and leads large, cross-division functional teams or projects.

Complexity
• Provides highly innovative solutions to complex problems within established policy.

Disclaimer
• This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management.

Job -

Schedule -

Shift -

Travel -

Relocation -

Equal Opportunity Employer (EEO) - 

HP, Inc. provides equal employment opportunity to all employees and prospective employees, without regard to race, color, religion, sex, national origin, ancestry, citizenship, sexual orientation, age, disability, or status as a protected veteran, marital status, familial status, physical or mental disability, medical condition, pregnancy, genetic predisposition or carrier status, uniformed service status, political affiliation or any other characteristic protected by applicable national, federal, state, and local law(s).

Please be assured that you will not be subject to any adverse treatment if you choose to disclose the information requested. This information is provided voluntarily. The information obtained will be kept in strict confidence.

If you’d like more information about HP’s EEO Policy or your EEO rights as an applicant under the law, please click here: Equal Employment Opportunity is the Law Equal Employment Opportunity is the Law – Supplement