5+ years of experience in Security GRC, IT Audit, or a related field, with a strong focus on SOX compliance and IT General Controls (ITGCs) in a retail environment
Big 4 IT Audit experience or similar is required, with demonstrated expertise in evaluating and testing ITGCs and application controls supporting financial reporting
Deep understanding of SOX Section 404 requirements, including risk assessment, control design, and effectiveness testing
Experience working with internal and external auditors, including managing walkthroughs, evidence collection, and audit issue resolution
Strong knowledge of ITGC domains such as access controls, change management, IT operations, and system development lifecycle (SDLC)
Familiarity with retail-specific systems (e.g., Oracle EBS, Retail Management Systems, Order Management Systems, Warehouse Management Systems) and how they intersect with SOX compliance
Experience with cloud platforms (e.g., AWS, Azure), SaaS applications, and their implications for SOX controls
Proficiency in using GRC tools like ServiceNow to streamline audit workflows and evidence management
Proven ability to drive remediation efforts, track control deficiencies, and support control owners in implementing sustainable solutions
Strong communication and stakeholder management skills, with the ability to influence cross-functional teams and align on compliance priorities
Demonstrated ability to work in a fast-paced, global retail environment, managing multiple priorities and time zones
Any Graduate