Principal Cybersecurity Analyst - SOX Compliance Lead

What success looks like in this role:

The Global Information Security (GIS) Sarbanes-Oxley (SOX) Compliance Lead works closely with control owners to validate the completeness and accuracy of IT General Control (ITGC) process execution. As SOX controls professional and coordinator of others, this individual is responsible to ensure controls are designed, executed and monitored effectively. The GIS SOX Compliance Lead is also responsible to maintain visibility of control status and track any issues to resolution. As a key risk advisor, this person addresses business issues and processes that impact both current and future CIT systems that come into scope for ITGC control requirements.

The GIS Policy Administrator is part editor, part advisor/facilitator, and part library administrator. The Administrator's official role is to assist in policy/standard/guidance/Procedure development and to review/standardize all documents for final publishing in the Unisys Process Asset Library (UniPAL) database. This person also serves as the initial point of reference across Unisys for general questions regarding Global Information Security (GIS) policies & standards.

Essential Duties and Responsibilities:

GIS Sarbanes-Oxley (SOX) Compliance Lead

• Main SOX IT Controls point of contact for the Unisys Corporate Information Technology (CIT) 

• Coordinate CIT SOX-related activities with the internal and external auditors, including CIT policies and procedures; suite of key controls; portfolio of financial applications / system tools; and key report testing.

• Review test findings; evaluate the impact/risk and facilitate the remediation of ITGC control gaps. Escalate possible critical issues to senior leadership within the Corporate Security and Infrastructure Office (CIT).

• Facilitate work streams related to IT SOX compliance and application and infrastructure controls.

• Provide technical support in the assessment, design and implementation of ITGC requirements.

• Coach control owners and operators to ensure quality, consistency and operability of new and existing controls.

• Facilitate CIT control owner review of third-party service provider System and Organization Controls (SOC1) reports.

• Collaborate and build long-term relationships with key stakeholders in a fast-paced and matrixed work environment.

CIT Policy Administrator /Management

• Initial point of reference across Unisys for general questions regarding GIS policies & standards, demonstrating a basic awareness of the content and ownership of each document. 

• Interact with CIT and GIS subject matter experts (SMEs) to create, review, approve, revise/update, activate, and archive GIS policies/standards/guidelines.  Ensure method, consistency, style, design and terminology is professional and adheres to defined corporate standards and requirements.

• Ensure all published documents are updated to the latest template and format; Review all new documents and document revisions for typographical and grammatical errors and embedded links before publication.

• Ensure the policy/standard creation/revision process is followed and content is properly reviewed by leadership / SMEs prior to submission for publication.

• Serve as Knowledge Coordinator of the GIS workstream in the UniPAL system.

• Monitor and update leadership as to the status of annual policy/standard review by CIT and GIS owners.

#LI-SP2

You will be successful in this role if you have:

Qualifications/Skills: 

• Demonstrated understanding of IT general controls and cybersecurity concepts, COSO Internal Control framework, SOX, and PCAOB auditing standards.

• 10+ years minimum general IT control experience with a CPA firm or within an internal audit function.

• Minimum of 2 -4 years of responsible leadership experience in management or supervisory positions.

• Successful experience working, collaborating, and establishing credibility and relationships with senior leadership, colleagues, and clients.

• Demonstrated success working with internal audit, external auditors, outside consultants, and legal affairs.

• Experience in Cloud managed environments – Preferably MS Azure.  Strong ERP experience a plus.

• Proficient in the use of Microsoft tools including SharePoint, Teams, Word, Excel, PowerPoint, Project.

Interpersonal Skills:

• Ability to work independently under general supervision with latitude for initiative and independent judgment.

• Effective verbal and written communications, including active listening skills and skills in presenting findings and recommendations.

• Ability to establish and maintain effective working relationships with co-workers and external contactors/auditors.

• Detail-oriented and analytic thinking.

• Comfortable working on multiple projects simultaneously.

• Comfortable working in the US time zone (Eastern) for at least 50-60% overlap

Education/Certification/License:

• Bachelor's degree or higher in Finance, Information Systems, or related area, CA Inter or Final Preferred with flair for Technology (Cybersecurity)

• CSOE, CIA or CRISC desired

• CISA or CISSP a plus

Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.

Local employment practices and rights may vary by jurisdiction and are subject to applicable local laws. This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers.

If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at [email protected]. US job seekers can find more information about Unisys’ EEO commitment here.