Lead Internal Control over Financial Reporting Analyst - ITGC

Overview

To provide internal control guidance, evaluate control effectiveness, and recommend improvements to control-related practices. Research and establish new practices to ensure credit union control alignment with Section 404 of the Sarbanes Oxley Act (SOX). Work closely with key business partners to understand processes, financial statement risks, and key financial controls to reduce the risk of financial misstatement. Collaborate with business units to mitigate risk by virtue of new control-centric processes and automation. Responsible for gathering data, creating reports, documenting and assessing Internal Control over Financial Reporting (ICFR), and producing evidence of control operational and design effectiveness to facilitate the delivery of auditable evidence to internal and external auditors. Lead complex/unusual tasks of considerable impact that require advances analysis.

This role will be on the ICFR team within the Finance organization and will support ICFR initiatives, specifically related to IT controls as it relates to financial reporting risks (i.e. user access, change management, and application-level controls related to year-end financial statement audits).

Responsibilities

• Lead multi-disciplinary control initiatives to evaluate controls, specifically IT general controls and application controls, and ultimately transform any control gaps into mature control environments
• Evaluate the operational performance of existing controls and devise remediation strategies that align control performance with the appropriate risk mitigation methodology
• Gather and review existing policies, process narratives, and process models to develop insight into the current state of business and IT processes
• Partner with external and internal auditors to establish audit scope, evidence, priorities and testing procedures that will serve as the foundation for the subsequent audit execution strategy
• Design, develop, and implement Key Control Matrices (KCMs) that summarizes a broad range of business and IT processes into a control-centric and executive-ready audit deliverable
• Creates and recommends remediation plans for existing ICFR related Information Technology General Computer (ITGC) controls to address control gaps in design effectiveness
• Validate and update SOX documentation (e.g., process narratives, and KCMs) as needed to ensure accuracy and completeness
• Identify industry best practices associated with risk management and develop subordinate qualitative and quantitative methodologies needed to address those risks using effective controls
• Produce detailed timelines and milestones for control-related project that enables external tracking and performance appraisal
• Review results from control and substantive testing to facilitate the remediation of control gaps and escalate possible critical issues to senior management
• Develop and maintain strategic plans to evaluate new risk and/or control-based technologies likely to have a significant future impact on team activity
• Lead project teams that resolve highly technical and complex preventative, detective, or corrective control problems
• Lead, guide and mentor junior staff
• Ensure preventative, detective, and corrective controls are properly identified and aligned with business and IT priorities such that new controls have an insignificant negative impact on the successful realization of business and IT objectives
• Solve control-related business and IT problems by defining the problem, interviewing stakeholders, identifying and evaluating alternatives, and presenting findings
• Identify business and IT areas that may benefit from SOX 404 or industry best practices as applicable
• Perform other related duties as assigned

Qualifications

• Advanced knowledge of SOX including GAAP principles, financial statement preparation, and internal accounting controls
• Significant experience with General Ledger (GL) technology including but not limited to data integration, accounting rules engines, and financial data hubs/warehouses/marts
• Significant experience re-designing processes to be consistent with SOX 404 guidance and partnering with business unit personnel to complete the transformation
• Significant experience with extracting and documenting information technology application control/process information
• Significant experience assessing the design and operational effectiveness of complementary user entity control considerations in SSAE 16/18 SOC 1 Type II reports (experience creating attestations for service organization is preferred) and SSAE 16/18 SOC 2 Type II reports
• Extensive experience in problem resolution including determining root cause, scope and scale of issues
• Significant experience in leading large projects/initiatives which have business risk and impact
• Extensive experience in managing multiple priorities independently and/or in a team environment to achieve goals
• Experience in leading, guiding and coaching professional staff
• Extensive experience that demonstrates the ability to research, compile, and document data, business processes, and workflow
• Advanced knowledge of IT infrastructure, including operating systems (OS), database management systems (DBMS), databases (Oracle/DB2/SQL Server), and queries (SQL)
• Advanced skill presenting to stakeholders & management
• Expert skill interpreting and synthesizing large amounts of information
• Advanced skill in project management to include establishing and leading project teams; managing timelines/deadlines/resources; ensuring successful project implementation
• Advanced skill analyzing and organizing problems or work processes for technical solutions
• Advanced skill presenting findings, conclusions, alternatives and information clearly and concisely
• Advanced skill interacting with staff, management, vendors and members diplomatically and tactfully
• Bachelor's degree in accounting, Information Systems, Information Technology, or related field, or the equivalent combination of experience, education and training

Desired Qualifications

• Certified Information Systems Auditor (CISA), Certified Public Accountant (CPA), or Certified Internal Auditor (CIA) designation

Hours: Monday - Friday, 8:30AM - 5:00PM

Locations: 820 Follin Lane, Vienna, VA 22180 | 5550 Heritage Oaks Drive, Pensacola, FL 32526

About Us