Sr Analyst, IT Audit

About the RoleAbout the Role:
The Internal Audit (“IA”) Department is seeking a highly motivated IT SOX Senior to join our Internal Audit team in the retail industry. This role will be based in Hyderabad (Gap HDC) and will partner closely with global Internal Audit, IT, and business stakeholders to ensure effective design, implementation, and testing of IT General Controls (ITGCs), automated controls, and key reports.
The ideal candidate will bring strong technical expertise, leadership capability, and a proactive and innovation mindset to drive compliance excellence and continuous improvement.What You'll DoWhat You'll Do:

• Execute IT SOX testing, including IT General Controls (ITGCs) (access, change management, IT operations) and IT Application Controls (ITACs) across in-scope systems.

• Perform control design and operating effectiveness testing, ensuring accuracy, completeness, and adherence to SOX and internal audit standards.
• Support annual SOX planning and scoping activities, including identification of in-scope systems, applications, and key reports.
• Conduct and document walkthroughs, including preparation of process narratives, flowcharts, and risk and control matrices (RCMs).
• Coordinate with control owners to request, collect, and validate audit evidence, ensuring timely and high-quality submissions.
• Evaluate system-generated reports (IUCs) for completeness and accuracy, including testing of report logic and data sources.
• Identify control deficiencies, perform root cause analysis, and support evaluation of impact to ICFR.
• Track remediation efforts, perform retesting of controls, and validate closure of identified issues.
• Partner with IT, Security, and business stakeholders to clarify control requirements and drive timely resolution of issues.
• Support external audit activities, including responding to requests, preparing documentation, and addressing follow-up questions.
• Maintain accurate and organized audit documentation in accordance with internal standards and SOX requirements.
• Contribute to continuous improvement initiatives, including standardization of testing approaches and enhancement of documentation quality.
• Identify opportunities to improve efficiency through automation, data analytics, and process optimization.
• Provide guidance and informal mentorship to junior team members, supporting knowledge sharing and team development.

Who You AreWho You Are:

Required:

• Bachelor’s degree in Information Systems, Computer Science, Accounting, or a related field.
• 3–5 years of experience in IT audit, SOX compliance, or IT risk management.
• Demonstrated experience performing control testing (design and operating effectiveness), including walkthroughs, evidence evaluation, and documentation.
• Experience with risk and control matrices (RCMs), narratives, and flowcharts.
• Working knowledge of IT environments, including applications, databases, infrastructure, and cloud platforms (e.g., AWS, Azure).
• Understanding of IT control frameworks and domains (e.g., access management, change management, IT operations) and familiarity with frameworks such as NIST, ISO 27001, or COBIT.
• Strong analytical and problem-solving skills, with the ability to identify issues and assess risk implications.
• Effective communication and interpersonal skills, with the ability to collaborate with stakeholders and manage audit requests.
• Strong organizational skills and attention to detail, with the ability to manage multiple priorities and meet deadlines.

Nice to Have:

• Professional certification such as CISA, CPA, CRISC, or progress toward certification.
• Experience working with external auditors and supporting SOX audits.
• Familiarity with SOC reports, CUECs, and reliance considerations.
• Experience with audit tools, data analytics, or GRC platforms (e.g., AuditBoard/Optro).
• Exposure to ERP systems (e.g.,  Oracle) or retail/consumer industry environments