other
Posted 4 weeks agoIT Audit Principal
at Epocare
United StatesHybrid
Responsibilities
- Drive evaluation of broader cybersecurity programs (e.g., NIST, ISO 27001) as dictated by our audit plan and underlying business objectives.
- Evaluate System Development Life Cycle (SDLC) controls to ensure secure system implementation practices, including secure coding, change management, and vulnerability remediation.
- Lead root cause analysis and provide recommendations for control deficiencies, including those related to cybersecurity incidents and/or control gaps.
- Develop, review, and maintain IT control documentation, including process flows, narratives, and control matrices, ensuring alignment with both SOX and cybersecurity requirements.
- Oversee and enhance the quarterly SOX certification process, incorporating cybersecurity risk considerations where applicable.
- Monitor emerging cybersecurity threats, regulatory changes, and industry trends, and assess their impact on the organization’s control environment.
- Enable continuous improvement initiatives across IT Audit and cybersecurity programs, including automation and deployment of new technologies.
- Support executive leadership with special project advisory that inform strategic initiatives, risk assessments, and special transformational projects as needed.
- Build and leverage AI solutions and workflows to enable capacity or unlock capability for an Internal Audit function.
Requirements
- experience in IT audit, IT compliance, SOX, and/or cybersecurity risk management (public accounting and/or industry). Big 4 is a plus. Specialized
- experience in the Software industry.
- Bachelor’s degree in Information Systems, Cybersecurity, Accounting, Finance, or related field.
- Relevant certifications such as CISA, CISSP, CISM, CRISC, CIA, or CPA (or equivalent).
- experience auditing or supporting systems such as Kinetic, SalesForce, Workday, Microsoft Azure (Entra ID), Active Directory, and different types of cloud environments (IaaS, PaaS, and SaaS).
- Strong knowledge of ITGC domains (Access Management, Change Management, Interfaces, Backups, Disaster Recovery), SDLC, and their intersection with cybersecurity controls. Deep
- experience performing cybersecurity audits. Strong understanding of SOX
- Experience leveraging automation and tools such as Workiva Wdesk, GRC platforms, and AI tools (ChatGPT, Copilot, Claude, etc.).
- Excellent communication and stakeholder management skills, with the ability to influence at all levels of the organization.
- Ability to manage multiple priorities, execute complex tasks, and operate both strategically and tactically. #LI-CM1 #HYBRID About Epicor At Epicor, we’re truly a team.
- Join 5,000 talented professionals in creating a world of better business through data, AI, and cognitive ERP.
- From software engineers who command the latest AI technology to business development reps who help us seize new opportunities, the work we do matters.
Experience
- What you'll likely bring 8+ years of progressive
Benefits
- And that success really matters, because we’re the essential partners for the world’s most essential businesses—the hardworking companies who make, move, and sell the things the world needs. Competitive Pay &
- Work-Life Balance: Policies built on mutual trust and support, encouraging time off to rest, recharge, and reconnect.
Additional details
- What you'll be doing Lead the evaluation and ongoing monitoring of ITGCs to ensure adequate design, operating effectiveness, efficiency, and compliance with SOX
- Assess cybersecurity controls that intersect with ITGC domains, including identity and access management, privileged access, logging/monitoring, vulnerability management, and incident response.
- Provide thought leadership and partnered advisory in the planning, scoping, and execution of IT SOX testing activities, including risk assessments and control rationalization.
- Partner with cybersecurity teams to assess risks related to cloud environments, infrastructure, and applications, ensuring appropriate controls are designed and operating effectively.
- Act as a liaison to external auditors for ITGC and cybersecurity-related audits, ensuring alignment and timely communication of findings.
- Provide independent and objective advisory to IT and business stakeholders on control design, risk mitigation, and cybersecurity best practices.
- Strong analytical, problem-solving, and risk assessment skills.
- We help businesses stay future-ready by connecting people, processes, and technology.
- Together, Epicor employees are creating a more resilient global supply chain.
- Whatever your career journey, we’ll help you find the right path.