Deloitte

Job Overview
The IT SOX Compliance Architect is responsible for designing and overseeing the implementation of effective IT controls aligned with Sarbanes-Oxley (SOX) requirements, serving as a bridge between IT, compliance, and audit teams to ensure regulatory adherence and audit readiness.

Responsibilities

• Design, implement, and monitor IT general controls (ITGC) for SOX compliance, including access, change management, and operations controls.      
• Evaluate the effectiveness of existing controls and develop improvements where required, providing expertise for remediation and control redesign.
• Lead compliance projects, facilitate internal and external IT audits, and ensure timely execution of audit cycles and documentation.      
• Collaborate closely with business compliance, audit, and risk teams to address process changes, control gaps, and integration of new systems.
• Maintain current knowledge of IT risk management, regulatory standards, and industry best practices (ISO, NIST, COBIT frameworks).
• Draft, update, and manage policy documents and runbooks related to SOX IT controls and compliance architecture. 
• Serve as point of contact for business and IT stakeholders regarding SOX IT control design and implementation.
• Manage incident management processes including incident recovery and response strategies.
• Ensure proper documentation of IT governance processes in accordance with COBIT and ITIL standards.
• Lead vulnerability research initiatives using tools such as Burp Suite and Splunk for continuous monitoring.
• Facilitate training sessions for staff on security best practices related to operating systems (Windows, Linux, macOS), encryption methods, and secure coding (Java, Python).
• Maintain knowledge of emerging technologies such as Internet of Things (IoT) and their implications for security compliance.
• Collaborate with external auditors during SOX audits to ensure transparency and accountability.

Qualifications

• Bachelor’s degree in Computer Science or a related field; advanced degrees or certifications in cybersecurity or IT governance are preferred.
• Proven experience in IT auditing or information security management with a focus on SOX compliance.
• Strong knowledge of cybersecurity principles including firewalls, IDS/IPS systems, VPNs, TCP/IP protocols, DNS management, and system administration.
• Familiarity with cloud architecture (IaaS/PaaS) and network monitoring tools.
• Proficiency in scripting languages such as PowerShell or Bash for automation tasks.
• Experience with data analysis skills to interpret audit results effectively.
• Understanding of regulatory frameworks such as PCI-DSS, FISMA, DIACAP, FedRAMP is a plus.
• Excellent communication skills with the ability to work collaboratively across departments. This position offers an exciting opportunity for a proactive individual looking to make a significant impact on our organization's compliance efforts while working within a dynamic team environment.

Job Types: Full-time, Contract

Pay: $125,796.52 - $153,797.96 per year

Work Location: In person