IT Control Tester – Procurement (SOX & COBIT)
Are you ready to play a vital role in strengthening controls within a dynamic procurement environment? Apply Now!
Working with one of our top financial clients, this role calls for a IT Control Tester – Procurement (SOX & COBIT), responsible for monitoring and testing internal controls to ensure operational effectiveness and compliance. This position involves performing risk-based control evaluations, executing IT and process audits, and collaborating across teams to improve control frameworks. The role offers an excellent opportunity to contribute to a robust internal control environment while advancing your expertise in procurement and IT audit practices.
Responsibilities
- Conduct design and operational effectiveness testing of procurement controls in line with established monitoring and testing standards.
- Identify testing populations, select representative samples, and document procedures, evidence, and findings accurately.
- Perform control walkthroughs with stakeholders to verify process understanding and control design validity.
- Apply risk-based audit methodologies, including sampling, data analytics, and evidence collection, and communicate results clearly to stakeholders.
- Test automated IT controls, including general controls, application controls, and cybersecurity controls, across on-premise and cloud environments.
- Evaluate dependencies on IT governance, vendor management, and data governance to assess their impact on procurement controls and third-party risk management.
- Review data management practices, including data classification, privacy, and lifecycle controls, to safeguard sensitive information.
- Plan, organize, and manage testing activities, schedules, and deliverables using PMP principles—engaging stakeholders and managing risks effectively.
- Support the preparation of reporting materials, governance updates, and status reports, ensuring clarity of findings and remediation timelines.
- Identify emerging issues, recommend control enhancements, and contribute to the ongoing development of the internal control framework within procurement practices.
- Assist in operational programs aligned with risk and control standards such as COSO, COBIT, and SOX, ensuring compliance and effectiveness.
Desired Skill-Set
- Experience in risk-based internal control testing, audit planning, and evidence collection, including sampling and data analytics.
- Demonstrated understanding of IT governance, cybersecurity, and third-party/vendor risk management controls.
- Strong stakeholder engagement, team collaboration, and communication capabilities.
- Proven ability to manage multiple testing projects concurrently, with a focus on quality, scope, and timeline adherence.
- Knowledge of procurement processes, control frameworks, and compliance standards relevant to financial services.
- Data-driven decision-making skills and the ability to operate effectively in dynamic environments.
Nice to Have
- PMP (PMI) certification or progress toward certification, with familiarity of PMP domains and the PMBOK framework.
- Working knowledge of regulatory compliance frameworks such as SOX 404, COSO, or COBIT.
- Familiarity with banking or financial industry controls and standards.
BeachHead is an equal opportunity agency and employer. We advocate for our candidates and welcome applicants regardless of race, color, religion, national origin, sex, age, or physical or mental disability. BeachHead or our clients may use technology-enabled tools, including automation and artificial intelligence (AI), to support parts of the recruitment process such as resume screening, application management, and candidate matching. These tools assist our recruiters and our clients, and do not replace human decision-making. This job posting represents a current or anticipated vacancy. The position may be filled at any time, and the posting may be removed without notice once the role has been filled.