Information Technology (IT)/SOX Senior Internal Auditor - Hybrid

About the position The Information Technology Internal Senior Advisor is a global role focused on leading IT general computing control testing support for Sarbanes-Oxley (SOX) and non-SOX environments. This position is part of the Internal Audit SOX/SOC Center of Excellence team and involves collaboration with organization-wide Technology teams to enhance SOX control and risk mitigation practices, identify control gaps, and support audit activities. The successful candidate will serve as a subject matter expert in audit best practices related to pharmacy benefit management (PBM) and corporate technology support functions. Responsibilities • Execute key functions of Internal Audit's SOX/SOC oversight program for Evernorth , • Coordinate testing oversight, evidence gathering, deficiency analysis, and additional testing in support of external and internal audit teams , • Collaborate with Financial Compliance team and SOX office to assess scope and facilitate testing coverage , • Meet frequently with control owners to assess compliance with audit requests , • Collaborate with technical teams to interpret control requirements and assess design and operating effectiveness of key controls , • Identify and communicate internal and external security/audit risks through analysis of control evidence , • Assess the effectiveness of IT general controls, including system development, security, backup, disaster recovery, and maintenance controls , • Review and provide feedback on scope changes to systems and infrastructure and integrate them into SOX testing strategy , • Assist internal SOX testing team in execution of annual SOX test program , • Perform and document testing over key IT general controls , • Review and respond to internal and external data requests for regulatory audits , • Assist with engagement planning, fieldwork, and reporting , • Advise management on control implementation, remediation, and process changes, including follow-up on identified gaps , • Develop and deliver risk and control awareness training , • Prepare, review, and deliver documentation and reports for internal and external stakeholders , • Influence senior and line management on risk and control matters , • Manage and review the work of staff performing control assessments, providing feedback and improvement opportunities , • Contribute to process improvements, including establishing continuous monitoring models and staying current on emerging technology trends Requirements • Bachelor's degree in a related field with 10+ years of relevant experience preferred , • Strong understanding of controls, risk, and audit methodology over information technology , • Certifications such as CISA, CIA, CISM, or CISSP preferred , • Expertise in executing regulatory compliance audits such as SOX and SOC1 , • Experience in auditing pharmacy benefit manager (PBM) and corporate functions preferred , • Excellent written and verbal communication skills , • Innovative enterprise mindset (self-starter, action-oriented, results-driven) and a proactive approach to improving internal processes Nice-to-haves Benefits Apply Job!