Job Description
1. SUMMARY OF POSITION – A brief overview of the primary purpose of the position.
Quaker Houghton’s goal is to apply global IT industry best practices, enabling Quaker Houghton to instill the business with new insights regarding global data, business risk, compliance, and information security.
The Senior Analyst - Risk and IT Compliance is primarily responsible for the SOX ITGC compliance program and supporting ongoing Risk and IT Compliance efforts. The position will work closely with other members of the Risk and IT Compliance team as well as the larger IT department, Finance-Compliance team and both internal and external audit teams. The ideal candidate is self-motivated, well organized, has the proven ability to develop solutions in response to complex audit and compliance related matters and apply precedents. Additionally, the candidate has prior experience driving projects and compliance related activities associated with Internal Control over Financial Reporting (ICFR). The ideal candidate should also have a proven ability exercising sound judgement and providing consultative guidance to stakeholders associated with IT compliance related matters. Role will receive exposure to upper management throughout a global and growing organization. Position reports to the Manager, Risk and IT Compliance. Excellent opportunity for someone looking to transition out of consulting / public accounting and into corporate Risk and IT Compliance.
2. ACCOUNTABILITIES - List the primary job responsibilities and activities in order of importance.
Key liaison with Internal & External Audit partners
Facilitation and project management of SOX ITGC document requests; rationalize and challenge document requests according to precedents and regulatory requirements
Manage document and project related request tracking and follow up with members of the organization; ensure timely evidence/documentation submission in support of audit activities and special projects; report metrics to stakeholders
Updating, rationalizing, and maintaining existing ITGC process documentation; act as trusted advisor for control oriented consultation to stakeholders
Drafting, rationalizing, and maintaining narratives and process flows for in-scope ITGCs, systems, and processes
Monitoring of key SOX control activities; report metrics to stakeholders
Execution of key SOX control activities
Lead drafting of IT policies and/or updates to existing policies; rationalizing current policies to ensure relevancy and identity areas for optimization/standardization
Assisting with IT Compliance related communications to key internal stakeholders
Assisting with or lead other non-SOX related IT Compliance initiatives as required
Responsible for timely completion of work as assigned; providing regular status updates over assigned responsibilities; report metrics to stakeholders
Performing initial quality reviews of staff or consultant related deliverables connected to audit and special project related activities; provide coaching to stakeholders and identify areas for documentation and process level improvements
Assist with special projects related to IT compliance and governance related initiatives
3. EDUCATION, EXPERIENCE AND SKILLS/COMPETENCIES to perform the job duties
Key Education or Certification Required:
Bachelor’s degree from an accredited institution in relevant field
Certifications such as CISA, CISSP, CRISC, CISM, QSA, ISO 27001 LA (preferred)
Required Minimum Number of Years of Relevant Experience:
Minimum 4+ years’ experience in IT audit, IT risk management and/or compliance role, public accounting experience preferred (at least 2+ years)
Required Skills and Competencies:
Knowledge of SOX-ICFR IT General Controls, ISO/IEC 27001, COSO, COBIT, and NIST frameworks
Experience with identifying ITGC risks and controls and maintaining process narratives/flows
Experience with risk assessment frameworks
Effective organizational, time management and interpersonal skills
Effective project management ability; experience with reporting program status to stakeholders
Analytical mindset with creative and innovative problem-solving skills
Experience with supervision of others; ability to conduct quality reviews of work products produced internally and with stakeholders
Possess ability for critical thinking with capability to skillfully conceptualize, apply, analyze, synthesize, and/or evaluate information gathered from, or generated by, observation, experience, reflection, reasoning or communication; possess ability to apply lessons learned across assignments
Ability to understand the interrelation between financial, operational and technology internal controls
Excellent verbal & written communication skills
Experience with data analytics preferred (not required)
Proficient with Microsoft Office suite
High energy self-starter who can work well with teams and independently in a highly dynamic, fast paced environment
4. COMPANY CORE VALUES
Act with Integrity, Do Great Things Together, Exceed Customer Expectations