Senior Analyst, Corporate IT SOX Audit

We’re building a world of health around every individual — shaping a more connected, convenient and compassionate health experience. At CVS Health®, you’ll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger – helping to simplify health care one person, one family and one community at a time.

The Senior Analyst, Corp IT Audit will be a key member of the Technology Controls Assurance (TCA) Internal Audit team and will participate in the execution of the annual Sarbanes‑Oxley (SOX) internal audit, and promote collaboration with the business partners, external auditors, and management. The position assists with the annual planning process and execution of the ITGC SOX program. This role will be responsible for continually evaluating and recommending operational and process improvements to our IT compliance processes, and the efficiency and effectiveness of the company’s key control structure.

This role is responsible for delivering high quality IT SOX internal audit results under the direction of the TCA Manager +.

• Effectively perform and document IT SOX audit activities in accordance with professional standards and the organization’s
• audit methodology.
• Execute testing and create work paper documentation.
• Understand procedures, results and business impacts; and document and express such understanding in both written and verbal form.
• Perform detailed review testing to analyze and validate information and provide constructive feedback to preparers to enhance the quality of testing work papers.
• Demonstrate the ability to accurately document ITGC process workflows and data flows.
• Create clear and accurate documentation and workflows of technology processes and test results and exceptions.
• Work in a fast‑paced, collaborative setting with cross‑functional teams.
• Lead individual project components and testing areas; oversee the work of more junior auditors and/or interns.

• Independently collect facts, utilize strong analytical capabilities to recommend appropriate actions on complex matters, and effectively communicate status and results in a concise, timely manner.
• Reports related audit findings to audit and business stakeholders.
• Interacts with various levels of Internal Audit and business line management to resolve issues in a timely manner and to maintain effective communications.
• Consider SOC reporting and other compliance impact for controls which are tested once and applied for other compliance purposes.

• Meets administrative reporting requirements and supports department initiatives.
• Demonstrates a commitment to integrity and the company code of conduct, and a respect for diversity and inclusion.
• Contribute to overall Internal Audit Department team norms to promote a positive environment and improve team effectiveness.
• Keep current of relevant technology developments and evolving IT risk areas.

• 2+ years’ experience in IT SOX Audit, IT SOX Compliance, Control Validation, Risk Assessment, or Risk Consultant role.
• Ability to travel up to 10%.
• Must be willing to work 8:00am-5:00pm EDT or CDT.

• Professional designations such as CPA, CIA, CISA etc., or progress towards achieving such designations.
• In-depth knowledge and understanding of Sarbanes Oxley regulation including its requirements, regulations, and implications for financial reporting and internal controls.
• Prior experience in strategizing, planning, and developing technology audit project plans.
• Healthcare, Insurance, or Retail industry business practices and risks.
• Familiarity with Cloud environments and data classification and protection concepts. IT processes - including applications and infrastructure, security and vulnerability assessments, change control, asset management, disaster recovery, data privacy, and IT risk assessment, automated control environments, cybersecurity best practices, cloud security controls etc.
• Familiarity with the…