jobloom

JobLoom finds jobs directly from company career sites before many job boards, then routes you into detailed role pages like this one.

other

Posted 4 weeks ago

IT Audit Principal

at Epocare

United StatesHybrid

Responsibilities

  • Drive evaluation of broader cybersecurity programs (e.g., NIST, ISO 27001) as dictated by our audit plan and underlying business objectives.
  • Evaluate System Development Life Cycle (SDLC) controls to ensure secure system implementation practices, including secure coding, change management, and vulnerability remediation.
  • Lead root cause analysis and provide recommendations for control deficiencies, including those related to cybersecurity incidents and/or control gaps.
  • Develop, review, and maintain IT control documentation, including process flows, narratives, and control matrices, ensuring alignment with both SOX and cybersecurity requirements.
  • Oversee and enhance the quarterly SOX certification process, incorporating cybersecurity risk considerations where applicable.
  • Monitor emerging cybersecurity threats, regulatory changes, and industry trends, and assess their impact on the organization’s control environment.
  • Enable continuous improvement initiatives across IT Audit and cybersecurity programs, including automation and deployment of new technologies.
  • Support executive leadership with special project advisory that inform strategic initiatives, risk assessments, and special transformational projects as needed.
  • Build and leverage AI solutions and workflows to enable capacity or unlock capability for an Internal Audit function.

Requirements

  • experience in IT audit, IT compliance, SOX, and/or cybersecurity risk management (public accounting and/or industry). Big 4 is a plus. Specialized
  • experience in the Software industry.
  • Bachelor’s degree in Information Systems, Cybersecurity, Accounting, Finance, or related field.
  • Relevant certifications such as CISA, CISSP, CISM, CRISC, CIA, or CPA (or equivalent).
  • experience auditing or supporting systems such as Kinetic, SalesForce, Workday, Microsoft Azure (Entra ID), Active Directory, and different types of cloud environments (IaaS, PaaS, and SaaS).
  • Strong knowledge of ITGC domains (Access Management, Change Management, Interfaces, Backups, Disaster Recovery), SDLC, and their intersection with cybersecurity controls. Deep
  • experience performing cybersecurity audits. Strong understanding of SOX
  • Experience leveraging automation and tools such as Workiva Wdesk, GRC platforms, and AI tools (ChatGPT, Copilot, Claude, etc.).
  • Excellent communication and stakeholder management skills, with the ability to influence at all levels of the organization.
  • Ability to manage multiple priorities, execute complex tasks, and operate both strategically and tactically. #LI-CM1 #HYBRID About Epicor At Epicor, we’re truly a team.
  • Join 5,000 talented professionals in creating a world of better business through data, AI, and cognitive ERP.
  • From software engineers who command the latest AI technology to business development reps who help us seize new opportunities, the work we do matters.

Experience

  • What you'll likely bring 8+ years of progressive

Benefits

  • And that success really matters, because we’re the essential partners for the world’s most essential businesses—the hardworking companies who make, move, and sell the things the world needs. Competitive Pay &
  • Work-Life Balance: Policies built on mutual trust and support, encouraging time off to rest, recharge, and reconnect.

Additional details

  • What you'll be doing Lead the evaluation and ongoing monitoring of ITGCs to ensure adequate design, operating effectiveness, efficiency, and compliance with SOX
  • Assess cybersecurity controls that intersect with ITGC domains, including identity and access management, privileged access, logging/monitoring, vulnerability management, and incident response.
  • Provide thought leadership and partnered advisory in the planning, scoping, and execution of IT SOX testing activities, including risk assessments and control rationalization.
  • Partner with cybersecurity teams to assess risks related to cloud environments, infrastructure, and applications, ensuring appropriate controls are designed and operating effectively.
  • Act as a liaison to external auditors for ITGC and cybersecurity-related audits, ensuring alignment and timely communication of findings.
  • Provide independent and objective advisory to IT and business stakeholders on control design, risk mitigation, and cybersecurity best practices.
  • Strong analytical, problem-solving, and risk assessment skills.
  • We help businesses stay future-ready by connecting people, processes, and technology.
  • Together, Epicor employees are creating a more resilient global supply chain.
  • Whatever your career journey, we’ll help you find the right path.

Find more real-time jobs on JobLoom.