• Evaluate SailPoint Identity Governance by auditing automated workflows from access provisioning, deprovisioning, and user access review, and validate the integrity of the data synchronized from source systems • Conduct end-to-end SOX SDLC testing for SailPoint system • Conduct ITGC testing across domains including logical access, change management, computer operations, and program development, ensuring audit-ready work papers for each control. • Design and execute IT Application Controls (ITAC) testing, including input controls, interface controls, processing controls, and output controls across key financial systems. • Perform key report testing: validate report logic, identify report parameters, assess completeness and accuracy, and document evidence in accordance with SOX standards. • Lead or participate in system walkthroughs with IT and business process owners to assess control design adequacy and identify gaps requiring remediation. • Coordinate and communicate with external auditors (Big 4) to facilitate reliance on internal audit work and reduce overall audit burden. • Track control deficiencies and open issues; work with control owners to monitor remediation and validate closure with sufficient evidence. • Prepare, organize, and maintain high-quality audit work papers in AuditBoard (or equivalent GRC platform), ensuring documentation meets internal and external audit standards. • Participate in process improvement initiatives to enhance the efficiency and effectiveness of the SOX program year over year. • Flexibly support additional internal audit projects and operational audits as directed by the Internal Audit leadership team.
