IT Controller, Enact IT Security
This position is available to North Carolina residents as Raleigh, NC in-office applicants. Enact currently enjoys a hybrid in office / work from home schedule.
Enact policy requires employees to be vaccinated before they visit an office.
Because this position requires office attendance, any offers of employment shall be conditional upon proof of vaccination or exception based on a qualifying medical or religious accommodation request.
The IT Controller will serve as a member of the IT Security team and will report to the Chief Information Security Officer. The IT Controller will manage the annual SOC 2 audit activities as well as coordinate with Enact Corporate Audit Services (ECAS) to assess IT General Control and IT Application control activities as it relates to Enact's Sarbanes Oxley (SOX) IT compliance programs. This position may also participate in Genworth company-wide internal audits that impact Enact IT which are led by the parent company's internal audit resources. The IT Controller will work both independently and with IT Security and Enterprise Risk Management in monitoring the IT control environment. The candidate will have an influential role with the CISO, IT Security and Enterprise Risk.
Manage IT SOC 2 Audit from beginning to completion including:
Meeting coordination of IT and Non-IT stakeholders and key resources, and facilitation of walkthrough exercises.
Management and oversight of the IT document register, including the process of identifying, obtaining, and reviewing required IT documents for accuracy. Responsible for delivery of IT documents to auditors once they have been reviewed and validated.
Based on SOC 2 requirements, obtain necessary access to reliance systems to assist evidence gathering efforts and requirements.
Maintain a regular communication cadence to IT leadership, key stakeholders, and external auditors. Communications include progress reports, key milestone achievements, issues or concerns, potential risks, scope changes, and overall timeline updates.
Identify, address, and resolve any problems that arise during SOC 2 Audit.
Identify and mitigate potential risks or delays to the SOC 2 Audit.
Support IT Risk Based internal audit projects and requests from beginning to completion:
Serve as the primary interface and liaison between IT and ECAS for projects and requests that are specific to IT or require IT support and engagement.
Responsible for receiving, reviewing, and assessing audit documentation and evidence requests.
Responsible for reviewing and partnering with ECAS to finalize audit scope for IT audits.
Propose adjustments, changes, or scope modifications where needed or required.
Facilitate the acquisition and review of IT documentation and evidence to support ECAS audit projects and requests.
Represent IT for potential audit findings, including assessment of over-all risk level based on relevance, likelihood, and impact.
Support IT SOX Engagement from beginning to completion:
Serve as a liaison between IT and audit resources to ensure IT owners and stakeholders have the proper knowledge and understanding of SOX processes and SOX related actions and requests.
Facilitate IT audit walkthroughs and review SOX requests and evidence received for relevance and accuracy.
Facilitate the acquisition, review and delivery of IT documentation and evidence to support SOX control testing for IT General Controls and IT Application Controls.
Ensure an extensive level of understanding of IT processes, IT controls, ITGCs, and ITACs related to SOX.
Actively participate in the testing of SOX ITGC and ITAC controls as needed.
Facilitate quarterly reviews that require manual effort to complete.
General IT Activities and Responsibilities:
In an advisory capacity, work closely with the Project Management Office and IT
In an advisory capacity, work closely with the Project Management Office and IT Stakeholders during various phases of IT projects to ensure audit and compliance requirements and best practices are understood and accounted for when solutions and systems are architected and developed.
Drive continuous improvement across IT as it relates to operational processes, procedures, controls, reporting, and monitoring.
Partner with the project management office to assist with the closure of audit related project tasks and project reviews.
Partner with IT leadership to facilitate the reporting and documentation of IT audit results, findings, and content required for executive level presentations.
Partner with IT leaders and key subject matter experts to obtain extensive knowledge on IT processes and operational procedures to better understand IT systems, tools, applications, and capabilities to support audit and compliance projects and requests.
Serve as the control owner for application risk assessment process and monthly mainframe segregation of duties reviews.
Partner with business leaders and business subject matter experts when business related audit activities require IT input, support, or action.
Partner with Enterprise Risk Management in the development and deployment of an IT Risk Management Framework
Provide assistance and coordination in customer due diligence activities such as responding to customer questionnaires and customer meetings (onsite or virtual).
Bachelor's degree in information technology, computer science, business, or applicable field or 7+ years of relevant experience.
7+ years of relevant IT work experience, preferably within the financial services industry.
Internal and/or external IT auditing experience, preferably with Big 4 Accounting Firm or a public company.
Self-motivated with the ability to assess and determine risk, reason logically, analyze and evaluate data and information, and draw appropriate conclusions.
Demonstrated ability to think critically, challenge existing controls and documentation, provide suggestions on new ways to approach tasks, proactively manage assigned tasks, handle multiple tasks concurrently and adhere to tight deadlines.
Excellent presentation, communication and writing skills with demonstrated ability to present analysis and findings in a cohesive, understandable and actionable format to all levels of management.
Strong Knowledge of internal controls and SOX requirements, Sarbanes-Oxley Act of 2002, PCAOB standards, COSO and COBIT frameworks.
Demonstrated project management experience, ability to apply auditing protocols, lead groups of people and effect change in a matrix organization by influencing stakeholders.
Advanced degree (e.g., MBA)
Certified Information Systems Auditor (CISA) certification - will consider other certifications (e.g., Certified Public Accountant/CPA, Certified Internal Auditor/CIA, Certified Information Systems Security Professional/CISSP, etc.)
Expert knowledge of internal controls, SOX requirements, COBIT and/or COSO frameworks
WHY WORK AT ENACT
We have a real impact on the lives of the people we serve
We work on challenging and rewarding projects
We give back to the communities where we live
We offer competitive benefits including:
o Medical, Dental, Vision, Flexible Spending Account options beginning your first day
o Generous Choice Time Off policy
o 12 Paid Holidays
o 40 hours of volunteer time off
o 401K Account with matching contributions
o Tuition Reimbursement and Student Loan Repayment
o Paid Family Leave
o Child Care Subsidy Program
Enact, operating principally through its wholly-owned subsidiary Genworth Mortgage Insurance Corp. since 1981, is a leading U.S. private mortgage insurance provider committed to helping more people achieve the dream of homeownership. Building on a deep understanding of lenders' businesses and a legacy of financial strength, we partner with lenders to bring best-in class service, leading underwriting expertise, and extensive risk and capital management to the mortgage process, helping to put more people in homes and keep them there. By empowering customers and their borrowers, Enact seeks to positively impact the lives of those in the communities in which it serves in a sustainable way. Enact is headquartered in Raleigh, North Carolina.
Through our values of Excellence, Improvement and Connection, the Enact team delivers on our mission to help more people realize the dream of homeownership. The positive impact we can have on our world inspires us to go the extra mile. We look at the bigger picture, always considering our customers' processes and their borrowers' experience. We work hard to anticipate all the effects our actions might have. That can make our work challenging, and also satisfying.
Are you the kind of person who's always anticipating your customers' needs? Always one step ahead, ready to catch that unexpected curveball? If so, you could thrive with us.
We are proud to be an equal opportunity employer and all hiring decisions are based on merit, qualifications, and business need. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.