S&P Global
Website: spglobal.com
Job details:
Company Description
S&P Global is a leading provider of trusted data, insights, and technology that empower businesses, governments, and individuals to make well-informed decisions in a rapidly evolving global landscape. Through expertise and world-class benchmarks, we help customers confidently navigate the capital and commodities markets, embrace advancements in sectors such as energy and artificial intelligence, and plan for sustainable growth. The company is committed to delivering essential intelligence that fosters economic and strategic success. For more information, visit www.spglobal.com. Please be aware of potential recruitment fraud and familiarize yourself with our fraud prevention guidelines on our website.
Role Description
The SOX Compliance Analyst – Logical Security & IT General Controls is responsible for the end-to-end execution of Logical Security controls supporting SOX compliance and the Global Financial Controls risk framework. This role requires hands-on experience executing Logical Security IT General Controls (ITGCs) and a strong understanding of SOX compliance requirements, COSO principles, and internal risk frameworks.
The analyst will ensure that Logical Security controls across SOX in-scope systems are designed appropriately, executed effectively, and compliant with SOX and enterprise risk standards, working closely with Technology, Finance, Internal Audit, and external auditors.
Role Responsibilities
Financial System Security
- Execute end-to-end Logical Security controls for SOX in-scope applications, mainly including:
  - User access provisioning
  - Periodic access recertification
- Validate completeness, accuracy, and timeliness of Logical Security evidence
- Assess segregation of duties (SOD) conflicts and support remediation efforts where required
- Evaluate role design, access models, and access restrictions for SOX-relevant systems
- Support centralized access governance and Logical Security standardization initiatives
- Identify risks related to unauthorized access, excessive privileges, or control breakdowns impacting financial reporting
- Prepare and maintain up-to-date standard operating procedures (SOPs) for each process and control execution
SOX Compliance & Risk Framework Alignment
- Ensure Logical Security controls are aligned with SOX requirements, COSO principles, and internal risk framework standards
- Maintain and update Risk & Control Matrices (RCMs), control narratives, and supporting documentation related to Logical Security
- Identify control gaps or deficiencies, support root cause analysis, and track remediation through closure
- Apply a risk-based approach when evaluating control design and operating effectiveness
- Act as a key contact for external auditors for Logical Security and ITGC-related SOX testing
- Support or engage in walkthroughs, testing, and PBC requests with internal and external auditors
- Support management reporting on SOX status, Logical Security issues, and remediation progress
Continuous Improvement
- Identify opportunities to strengthen Logical Security control maturity and consistency
- Contribute to SOX and ITGC methodology updates, templates, and control standards
- Leverage automation opportunities to reduce manual errors and time required for control execution
Qualifications
- Strong understanding of SOX, COSO, and ITGC frameworks
- Hands-on experience with Logical Security controls across systems such as:
  - ERP platforms (e.g., SAP, Oracle, Workday)
  - Billing and revenue systems (e.g., SFDC, CPQ)
  - Identity and Access Management tools (e.g., SailPoint, CyberArk, Okta)
- Ability to assess automated, IT-dependent, and manual Logical Security controls
- Strong documentation, analytical, and issue assessment skills
Experience
3-4 years of experience in a similar role with a multinational organization