Laureate Education is seeking an experienced Senior Manager of IT SOX Compliance reporting to Laureate’s Vice President of SOX Compliance. The ideal candidate will possess knowledge of information technology, broad business experience and internal audit practices. The candidate will leverage knowledge of business process and IT to lead audit programs, execute risk assessments and interact with the compliance and risk management global program(s) for Laureate. The candidate will also be expected to effectively lead a team of IT SOX Compliance professionals.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Manages the documentation and assessment of IT internal controls over financialreporting as part of the ongoing Sarbanes-Oxley (SOX) compliance effort
- Responsible for directing IT compliance efforts for all institutions within a large geographic region.
- Provides leadership and guidance to a team of IT SOX Compliance professionals
- Direct the assessment of access management, authentication, authorization
- Evaluate internal control deficiencies and ensures remediation strategies are correct as proposed by external/internal audit or internal control staff
- Oversees creation of efficient procedures and methodologies to test controls relevant to SOX
- Responsible for compliance results and corresponding reporting
- Build meaningful metrics to demonstrate continuous improvement in the audit process and in the efficacy of internal controls
- Create specific metrics to monitor control deficiencies and remediation accountabilities across all IT functional groups
- Supervise daily activities of IT SOX Compliance Analyst personnel
- Will coordinate with Laureate’s IT Executive Regional CIOs, local IT Management and Compliance teams to identify automation opportunities to streamline application and infrastructure controls across IT functional groups
- Coordinates with IT personnel across the enterprise to implement required controls, ensure these controls are executed, and maintains appropriate evidence.
- Prepares and/or reviews reports that are requested for the reporting of SOX IT related information to various levels of management.
- Responsible for coordinating with IT process owners on updating IT SOX documentation.
- Provides guidance on internal financial policies and procedures with respect to IT controls.
- Develop and execute SOX Compliance training and awareness programs based on audit findings and regulation(s) changes
- Work with IT Compliance due diligence programs for new acquisitions and develop plans as required based on GAP analysis results and requirements
- Negotiate and influence business process transformation and process improvements with business owners and systems stakeholders
- Implements policies, process, and systems aligned with the strategic roadmap and in support of near term deliverables (audit and other).
- Constantly on alert for potential areas of vulnerability or risk; able to work with management and operations to develop contingency plans and make critical decisions for the regional institutions.
- Ensures that monitoring programs are in place to measure efficiency and identify potential areas for improvement.
- 8+ years of work experience in IT Audit, Compliance and/or Public Accounting. Experience in a large accounting firm with SEC Clients preferred
- Experience with ISO, SOX, PCI, HIPAA, FERPA, Privacy regulations and other control frameworks.
- This position requires the ability to analyze and interpret the risk implication of changes in the compliance requirements and the control environment
- The role requires risk management expertise to ensure creation and maintenance of effective risk mitigation strategies across all stakeholder groups; Business, IT functional groups, and Information Systems Security
- Strong change management and negotiation skills with ability to work within a matrix-run organization.
- Must be bilingual in Spanish or Portuguese
- Experience in developing and deploying best practices, policies, procedures and processes.
- Builds a network of relationships across IT functional groups, business peers and executive management
- Influence development of broad based risk management strategies
- Well organized, with strong time management skills.
- Strong prioritization skills and attention to detail with the ability to manage & coordinate multiple competing priorities and requests.
- Demonstrated ability to work effectively with colleagues and senior leaders in business groups and across finance and multiple locations.
- Self-starter that works well either independently or as part of a larger group.
EDUCATION and/or EXPERIENCE:
- Minimum of a Bachelor’s degree in Computer Science/Information Systems Management
- Certified in Security, Governance, Compliance and Project Management. ISACA CISA, CISM, CGEIT, CISSP, CRISC, PMP or equivalent professional certification desirable