SOX & Internal Controls Compliance IT Manager Arlington, VA

SOX & Internal Controls Compliance IT Manager

CoStar Group (NASDAQ: CSGP) is a leading global provider of commercial and residential real estate information, analytics, and online marketplaces. Included in the S&P 500 Index and the NASDAQ 100, CoStar Group is on a mission to digitize the world's real estate, empowering all people to discover properties, insights and connections that improve their businesses and lives.

Role Overview: SOX & Internal Controls Compliance IT Manager Arlington, VA | In office, Monday-Friday

Responsibilities

• Support Sarbanes-Oxley ("SOX") compliance, internal controls, and enterprise risk management ("ERM") assessments.
• Assist with implementing the SOX compliance programs, including, but not limited to the following activities:
• Conducting risk assessments and system scoping
• Conducting walkthroughs and documenting end-to-end technology processes, identifying risks and key controls, using narratives
• Documenting and assessing the design and effectiveness of key IT general controls ("ITGC") and IT application controls ("ITAC")
• Executing testing to validate the operating effectiveness of controls
• Evaluating controls deficiencies to determine impact and significance
• Identifying and implementing effective and efficient plans to remediate control deficiencies
• Summarizing and documenting results of work performed including management reporting
• Execute internal controls and IT risk management activities to support our risk management initiatives.
• Ensure robust IT General Controls over:
• Logical access management
• Role-based security and segregation of duties
• Change management
• System interfaces and data integrity
• Configuration controls
• Oversee periodic user access reviews and segregation of duties analyses.
• Coordinate with IT and Information Security to align financial systems governance with enterprise cybersecurity standards.
• Assess technology risks and internal control solutions associated with ERP, SaaS, IT infrastructure and cloud platforms.
• Create and deliver presentations on technical concepts, project work plans, delivery approach, milestones, and results to key stakeholders.
• Deliver efficient and effective approaches to implement and assess risks relating to information security and change management.
• Implement data analytics to enhance approaches to internal control assessments.
• Work effectively across different groups within the company (technology, accounting, finance, operations).

Basic Qualifications

• Bachelor's degree required in Information Systems, Accounting, Finance, or related field from an accredited, not-for-profit, in-person college/university.
• A track record of commitment to prior employers.
• 7-8+ years of professional services experience with applicable IT risk management and internal controls experience.
• One or more of the following risk related certifications is preferred: CPA, CIA, CISA, or CISSP.
• Track record of technical expertise with SOX, IT risk management and internal controls assessments.
• Deep knowledge of SOX compliance and PCAOB requirements:
• SOX 404 and COSO framework
• IT General Controls (ITGCs)
• Segregation of duties architecture
• ERP and financial systems governance
• Experience implementing and assessing controls over highly automated business processes.
• Knowledge of emerging technology risks, including cloud computing, agile development, cybersecurity, and privacy.
• Knowledge of best practices for authentication, authorization and change management.
• Ability to manage and prioritize assignments while meeting deadlines and maintaining attention to detail.
• Excellent analytical, problem-solving, and critical thinking skills to assess complex IT risks and identify appropriate control enhancements.
• Exceptional verbal and written communication skills, with the ability to effectively communicate technical concepts to non-technical stakeholders.
• Experience in a publicly traded company ($1B+ revenue) or Big 4 experience required.

Preferred Qualifications

• 7-8+ years of experience in IT auditing, or IT compliance or IT risk management, preferably within a large organization or a public accounting firm.
• Knowledge and application of IT controls and governance frameworks such as SOC 1/2, COBIT, NIST (CSF, 800-53, and 800-171), ITIL, ISO 27001/2, and best practices.
• Experience on ERP applications such as Oracle Cloud.
• Proven experience in executing technology audits, including evaluating IT general controls, application controls, and data integrity.
• Global, multi-entity experience preferred.

What's in it for you?

If you are a driven professional looking for a high-growth, high-reward career, CoStar Group offers the ideal opportunity. Be part of a best-in-class company with strong year-over-year growth that invests in your success. Enjoy a rewarding atmosphere where you can learn, excel, and grow.

When you join CoStar Group, you'll experience a collaborative and innovative culture working alongside the best and brightest to empower our people and customers to succeed.

We offer you generous compensation and performance-based…