Senior Manager, Controls Assurance & IT Compliance Audit

Job Title : Senior Manager, Controls Assurance & IT Compliance Audit

Location : Columbus, GA

Duration : 12+ months Contract (with possible extension)

Job Description : Summary of This Role

Summary of This Role

The Senior Manager will manage the development and issuance of cloud-based product and service share of the Issuing business segment of the company’s SOC project portfolio.

This position will also play a key role in the execution of the related mainframe SOC 1 and SOC 2 reports (8 annual reports for core and small subsidiary businesses in the US and international markets).

As a key liaison for external auditors that issue the reports and internal IT and business teams, the Senior Manager ensures comprehensive project management and execution of the SOC 1 & SOC 2 audit requirements as well as, in coordination with the SOX IT Audit program manager, elements of the company’s SOX

What Part Will You Play?

Works with internal business leaders to understand the current mainframe, distributed, and AWS cloud environments to document controls in support of SOC and SOX scope.

• Works with external audit firms to ensure documented controls meet SOC 1 and SOC 2 framework requirements.
• Works with the CA team to lead testing of new controls in alignment with Internal Audit (Audit Services Group / ASG ) and Controls Assurance testing and documentation standards.
• Works with existing Controls Assurance team members to assess the current control environment as translated into the new cloud environment to ensure consistent control coverage between current and future state.
• Fosters and maintains strong relationships throughout the company to support audit execution responsibilities. Viewed as a partner with IT and business leaders to understand the business and assist in designing and delivering the required audit services to meet business, customer, and regulatory requirements.
• Establish trusted relationships to support delivery of effective, successful, and well-received audit services. Considered a go-to leader within the organization regarding risk and control matters.
• Ensures SOC reports support our customers' use of Global Payments (TSYS Issuing) solutions by understanding Global Payments businesses and the integration of product / service, operations, and technology that impact internal controls supporting our client’s financial, data processing, and information security environments.
• Leads team members in conducting SOC and limited IT SOX testing and project execution, including all aspects of the audit lifecycle : risk assessment, planning, scoping, client coordination, fieldwork, data analysis, work paper documentation, reporting, and remediation validation in adherence with established timelines.
• Performs quality assurance review of audit work papers to ensure compliance with ASG and IPPF standards.
• Leads team in updating reports to ensure compliance with AICPA and ASG standards and best practices, clear communication of Global Payments products / services, operations, technology, control testing, and issues.
• Leads readiness for new SOC reports (both SOC 1 and SOC 2) as requested by Management. Partners with external auditors, management and management liaisons, and ASG team members to evaluate scope, define controls and gaps, and provide guidance on remediation.

Ensures generation of the new report.

• Acts as a Subject Matter Expert (SME), on SOC 1, SOC 2, and SOX IT requirements and guidance. Provides guidance to other team members and provides direction on project work based on internal business and external requirement experience.
• Obtains and shares a detailed understanding of operational processes, including originations, cardholder account maintenance, authorization, fraud monitoring, settlement, client reporting, PIN creation, cardholder statements, card inventory management, reward point processing, and incident management,
• Obtains and shares a detailed understanding of IT-managed processes, including technology architecture, system build, provisioning, configuration management, performance monitoring, incident management, change management, user access management, disaster recovery, etc.
• Continue to develop knowledge of applicable laws, regulations, and company policies and share with ASG team members.
• Assists audit leadership in establishing and implementing best practices for SOC audit activities and directing its technical and administrative function in support of the best course of action to minimize the impact of regulation or compliance standard changes to internal processes, procedures or the organization.
• Assists Controls Assurance (CA) team and ASG in setting internal processes and project execution guidance for junior team members.

Assists CA team and ASG in adopting and optimizing new technology and processes; assists junior team members with execution of their adoption and optimization.

• Provide coaching and performance feedback for ASG team members and assist junior team members with development of required audit skills and technical knowledge.
• Identifies, evaluates, and reports issues and internal control deficiencies with ASG leadership, relevant management, and external providers.

Evaluate root cause factors for audit testing exceptions and recommend practical solutions that reduce risk and strengthen business processes and control(s).

Document issues and deficiencies in applicable SOC reports, SOX trackers, and Global Payments applications.

• Monitors the implementation of corrective action(s) taken by management to resolve audit issue(s) and gaps identified during the audit engagement to ensure adherence with compliance standards and effective issue resolution.
• Creates and presents oral and written presentations to management throughout and at the conclusion of the engagement project by discussing process and control deficiencies, recommending corrective actions, and other suggestions for improvements in operations and / or reductions in costs.
2 days ago