At Shire, we are proud and grateful to employ military veterans and thank them for their contributions to our company and our country. See where your military experience can play a role at Shire by using our military skills translator job search tool below:
IT SOX Compliance Manager
Brand: Estée Lauder Companies
Description
Additional Details
· Work shift: Monday – Friday. Business Hours
· Flexibility Options:
· Travel time: 25%.
· Contract-type: Full-Time Permanent.
· Location: Costa del Este, Panamá.
Additional Details
· Work shift: Monday – Friday. Business Hours
· Flexibility Options:
· Travel time: 25%.
· Contract-type: Full-Time Permanent.
· Location: Costa del Este, Panamá.
Qualifications
Key Responsibilities:
Support the New Brands Internal Control Sr Manager with IT SOX overall governance for the newly created structure, and provide the necessary insights and analysis to further enhance newly acquired brands’ control framework for the following areas, including but not limited to:
· Support in the Design, and implementation of IT General Controls and IT Automated Controls to support newly created brands in IT internal control matters, ensuring to adequately comply with ELC internal processes and IT SOX controls.
· Collaborate with Internal and External Audits for New Brands relating to IT general and automated controls, including support in control scope, facilitation of walkthroughs and the documentation and testing of applicable controls.
· Partner with business and technology leaders and execute a technology risk strategy that will enhance overall SOX IT risk posture.
· Advises DECIEM IT on internal controls matters.
· Serve as point of contact for company’s external auditors in defining walkthrough and testing timelines, gathering of requesting data and review of provided data for accuracy and completeness.
· Assist with the transition of the Sarbanes-Oxley initiatives to the process owners and encourage ownership.
· Perform risk assessment analyses and valuations for the current business processes, new processes, and system implementations.
· Coordinate plans and reporting for front-line compliance testing leads.
· Verify that required compliance controls are baked into new products.
· Test the controls documented and communicate results in work papers and written reports to all levels of management (self-assessments)
· Manage the documentation of new or existing IT General and Application controls update existing documentation to reflect changes in the process or controls.
· Support the quarterly SOX certification results and the impacts on the overall SOX assertion.
· Support on SOX Reporting, audits, and projects to Finance Shared Services Risk Management review, Disclosure Committee and Audit Committee
· Advise Management and IT teams on internal control matters, including adequate control design, control execution, documentation requirements, etc.
· Provide SOX training to process owners and relevant team members.
· Identify key information technology and information security risks and controls, control optimization opportunities, including the configuration of controls to support key business processes.
· Assist with third party administrator or vendor controls by reviewing SOC1 or SOC2 reports and implement complementary controls at DECIEM when required
· Other duties as assigned.
· Connect with internal stakeholders to ensure the new brand adopts IT ELC processes.
· Liaise with ELC’s compliance groups (Brands IT teams, Tech Governance Regulatory and Compliance, Internal Audit, External Auditors, consultants) to ensure proper control evaluations are conducted.
· Coach control owners on IT SOX deficiency (MTOE) requirements, including impact assessment, mitigating controls, remediation plan, and remediation date, with formal alignment from the new brand Management before submission.
Knowledge/Experience:
· Degree: University degree in Computer Science, Information Security or related field or equivalent work experience
· Interpersonal and collaborative skills and the ability to articulate security and compliance related concepts to both technical and nontechnical audiences.
· Experience Leading an internal IT Controls team.
· Experience evaluating ITGCC of ERP (example SAP, PeopleSoft, Hyperion), outsourced and/or ‘in house developed’ applications.
· Experience evaluating ITGCC of various infrastructure components (servers, databases)
· Experience in evaluating and /or support designing IT Automated Controls (
· Experience in end-to-end project management, controls evaluation and cross-functional collaboration
· Knowledge or all phases of SOX work
· Recent experience SOX IT controls and testing
· 5-7 years of IT work experience, SOX Testing, Internal Audit or Internal Control
· Experience providing SOX Training to IT Management and junior audit or SOX staff is desired.
· Recent Big 4 (assurance or advisory) or a national public accounting firm experience as a manager or senior manager role
· CISSP, CISA, PCI ISA, CRISC or similar leading industry certifications preferred.
· Proficient in MS Office applications: Word, Excel, PowerPoint, etc.
Additional Details
· Work shift: Monday – Friday. Business Hours
· Flexibility Options:
· Travel time: 25%.
· Contract-type: Full-Time Permanent.
· Location: Costa del Este, Panamá.
Job: Finance & Accounting
Primary Location: Latin America-Panama
Job Type: Standard
Schedule: Full-time
Shift: 1st (Day) Shift
Job Number: 246977