Home Depot Manager, Internal Controls - IT SOX in Atlanta, Georgia
The Internal Controls IT SOX team is a part of the Finance organization focusing on centralizing compliance programs across business and IT. Our IT SOX team oversees processes to ensure an effective internal control environment. The team works closely with Internal and External Audit, IT and Business partners across the organization.
The Manager of IT SOX Governance and Monitoring is responsible for managing the governance program that guides, monitors, evaluates, and reports on the effectiveness of internal control over financial reporting related to IT (processes, applications, infrastructure, tools, etc.). The role works collaboratively with individuals and teams across the organization to maintain effective IT controls and support the Company's strategic objectives.
Major Tasks, Responsibilities and Key Accountabilities:
Project Management and Execution - oversee people and processes ensuring an effective internal controls over financial reporting for IT. Responsibilities include:
Performing enterprise-wide SOX scoping activities (e.g., IT applications/tools, IT infrastructure and IT general controls)
Updating SOX scoping via linkage to IT applications/systems, infrastructure, and risks and controls
Documenting IT general control domains and associated controls (e.g., walkthroughs, narratives, risk and control matrix)
Partnering with IT teams to continuously assess the design of controls
Collaborating with key IT, business, and audit teams to evaluate technology related risks
Performing monitoring, dashboarding and reporting on the remediation of IT control deficiencies
Assisting IT teams with root cause analysis, remediation action plans, remediation activities, providing training and resources to IT teams to ensure timely remediation
Contribute to controls status updates to leadership
Reporting and Communication - Establish and maintain effective communication, dashboarding, and reporting to stakeholders and Senior Leadership
Oversee the process to analyze and update SOC report evaluations, partnering with the relevant stakeholders to ensure risks are mitigated
Deploy training related to controls, policies, and requirements to evolve capabilities, governance awareness and efficiencies
Enterprise Initiative Support - support IT teams with strategic initiatives; continuously assess internal processes for process improvement opportunities, including technology enablement
Manage the implementation and roll-out of GRC software to support efficient and effective SOX program management and execution
Perform the IT general control deficiency evaluation process
People Management - manage and develop an effective and proficient team
Develop value-adding relationships with process owners and make recommendations for process improvement
Nature and Scope
Typically reports to Senior Manager, Internal Controls
Accountable for direct supervision of the work activities of others. Planning, monitoring and reviewing work of subordinates is required. This may include direct supervision or the coordination of multiple work groups. Makes recommendations concerning selection, termination, performance appraisal and professional development
- Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.
- Typically requires overnight travel less than 10% of the time.
Must be eighteen years of age or older.
Must be legally permitted to work in the United States.
The knowledge, skills and abilities typically acquired through the completion of a bachelor's degree program or equivalent degree in a field of study related to the job.
Years of Relevant Work Experience: 5 years
Physical Job Requirements:
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.
Master's degree in Accounting, Information Systems, or related field is preferred
Strong IT, business process, risks, and controls knowledge
CISA, CISSP, CIA, or other related certification preferred
Proven ability to lead and develop high functioning teams
Strong strategic thinking and problem-solving ability
Ability to partner with IT stakeholders across the organization to achieve consensus
Ability to influence at all levels of the organization through strong verbal and written communication skills
Comfort negotiating in competitive or adversarial environments
Knowledge, Skills, Abilities and Competencies
Thorough working knowledge of IT general controls, COBIT, Auditing Standards, and generally accepted accounting practices
Be able to understand, assess and prioritize risks across the components of the IT environment (e.g., application, operating system, and database)
In-depth experience and knowledge of key IT and information security topics such as cyber security, applications, infrastructure, systems implementations, cloud computing, IT general controls, SOC reports, and back-office operations
General knowledge of the technologies used in complex IT environments
Understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards
Adept at assessing complex IT and business processes environments to identify potential IT, financial, operational, and compliance risks
Familiarity with risk management methodologies, frameworks and principles
Ability to appropriately articulate requirements to technical and business stakeholders
Experience with GRC Technology
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.