IT Sox Specialist at DigiOutsource

• Reporting to Group IT Risk and Compliance Manager, an exciting opportunity is available for a self-motivated individual looking to join our IT SOX Team. Based in Capetown, the individual will be responsible for design and implementation of IT controls, evaluate risks within the IT environment, and collaborate with stakeholders to strengthen internal controls and support accurate financial reporting from IT systems.

What you’ll be doing

As part of your role, your responsibilities will include:

• Maintain a comprehensive understanding of the IT systems landscape, including application configurations and controls that support SOX (ICFR) compliance.
• Identify, document, and update IT risks, controls, and Risk and Control Matrices (RACMs) for all in‑scope systems.
• Perform walkthroughs of key IT processes—such as access management, change management, backup and recovery, and SDLC—to evaluate control design and operational effectiveness.
• Collaborate with technology stakeholders to communicate IT General Control (ITGC) requirements and ensure readiness for internal and external audits.
• Gather evidence, track control execution dashboards, and follow up with control owners, ensuring timely resolution of issues and clear communication of remediation plans.
• Implement IT controls for newly introduced or significant systems and transition long‑term ownership to relevant IT or business teams.
• Manage IT application controls, IT‑dependent manual controls, and GRC tools (including SharePoint) to ensure accurate documentation and tracking of risks, controls, and gaps.
• Drive automation opportunities to streamline control execution and monitoring, while supporting training and awareness initiatives related to IT SOX requirements.
• Develop and maintain IT SOX documentation, including policies, procedures, and reports prepared for the Audit Committee.
• Stay current on IT frameworks, regulatory changes, industry best practices, and emerging risks, including areas such as cloud computing and AI.
• Support broader IT risk management activities to further enhance SOX compliance maturity across the organization.
• Develop remediation plans for IT observations, work closely with system owners to complete corrective actions, and document severity and impact assessments for identified issues.
• This job description is not intended to be an exhaustive list of responsibilities. You may be required to complete other reasonable duties in order to achieve business objectives.

Essential skills you’ll bring to the table

The necessary skills that we require for this role include:

• Strong verbal and written communication skills, with the ability to convey complex ideas clearly and effectively
• Experience working collaboratively in cross-functional teams, with a focus on achieving shared goals
• Expertise in managing multiple projects simultaneously, with a track record of delivering on time and within scope
• Exceptional attention to detail, ensuring high standards of quality in all outputs
• Ability to adapt quickly to changing environments and priorities, maintaining effectiveness in dynamic situations
• Bachelor’s degree in Information Systems, Accounting, IT, or related field
• 3–5 years of experience in IT audit, IT SOX compliance, or a related role
• Strong understanding of SOX requirements and frameworks like COSO, specifically related to IT controls
• Proven experience implementing and testing IT General and Automate Controls
• Proficiency with audit documentation tools or software
• Proficiency in using Microsoft Office and other relevant software applications for data entry, document management, and report generation.

Desirable skills you’ve got up your sleeve

It would be great if you also have some of the following skills:

• Certifications such as CISA, CISM, CISSP, CRISC, or similar preferred
• Experience in IT risk assessment, IT control evaluation, and audit planning  
• Familiarity with cloud environments, cybersecurity, and relevant frameworks (e.g., SOC 1/2, ISO, PCI)
• Strong analytical mindset and attention to detail
• Self-starter with project management capabilities