Information Technology (IT)/SOX Senior Internal Auditor - Hybrid
Posted 2025-04-06About the position
The Information Technology Internal Senior Advisor is a global role focused on leading IT general computing control testing support for Sarbanes-Oxley (SOX) and non-SOX environments. This position is part of the Internal Audit SOX/SOC Center of Excellence team and involves collaboration with organization-wide Technology teams to enhance SOX control and risk mitigation practices, identify control gaps, and support audit activities. The successful candidate will serve as a subject matter expert in audit best practices related to pharmacy benefit management (PBM) and corporate technology support functions.
Responsibilities
 Execute key functions of Internal Audit's SOX/SOC oversight program for Evernorth
,
 Coordinate testing oversight, evidence gathering, deficiency analysis, and additional testing in support of external and internal audit teams
,
 Collaborate with Financial Compliance team and SOX office to assess scope and facilitate testing coverage
,
 Meet frequently with control owners to assess compliance with audit requests
,
 Collaborate with technical teams to interpret control requirements and assess design and operating effectiveness of key controls
,
 Identify and communicate internal and external security/audit risks through analysis of control evidence
,
 Assess the effectiveness of IT general controls, including system development, security, backup, disaster recovery, and maintenance controls
,
 Review and provide feedback on scope changes to systems and infrastructure and integrate them into SOX testing strategy
,
 Assist internal SOX testing team in execution of annual SOX test program
,
 Perform and document testing over key IT general controls
,
 Review and respond to internal and external data requests for regulatory audits
,
 Assist with engagement planning, fieldwork, and reporting
,
 Advise management on control implementation, remediation, and process changes, including follow-up on identified gaps
,
 Develop and deliver risk and control awareness training
,
 Prepare, review, and deliver documentation and reports for internal and external stakeholders
,
 Influence senior and line management on risk and control matters
,
 Manage and review the work of staff performing control assessments, providing feedback and improvement opportunities
,
 Contribute to process improvements, including establishing continuous monitoring models and staying current on emerging technology trends
Requirements
 Bachelor's degree in a related field with 10+ years of relevant experience preferred
,
 Strong understanding of controls, risk, and audit methodology over information technology
,
 Certifications such as CISA, CIA, CISM, or CISSP preferred
,
 Expertise in executing regulatory compliance audits such as SOX and SOC1
,
 Experience in auditing pharmacy benefit manager (PBM) and corporate functions preferred
,
 Excellent written and verbal communication skills
,
 Innovative enterprise mindset (self-starter, action-oriented, results-driven) and a proactive approach to improving internal processes
Nice-to-haves
Benefits
Apply Job!