CBS Corporation Director, IT SOX Compliance in New York, New York

Director, IT SOX Compliance

REF#: 28787

CBS BUSINESS UNIT: CBS Corporate

JOB TYPE: Full-Time Staff

JOB SCHEDULE: Full-Time

JOB LOCATION: New York, NY

ABOUT US:

CBS Corporation (NYSE: CBS.A and CBS) is a mass media company that creates and distributes industry-leading content across a variety of platforms to audiences around the world. The Company has businesses with origins that date back to the dawn of the broadcasting age as well as new ventures that operate on the leading edge of media. CBS owns the most-watched television network in the U.S. and one of the world’s largest libraries of entertainment content, making its brand - "the Eye" - one of the most recognized in business. The Company’s operations span virtually every field of media and entertainment, including cable, publishing, radio, local TV, film, outdoor advertising, and interactive and socially responsible media. CBS’s businesses include CBS Television Network, The CW (a joint venture between CBS Corporation and Warner Bros. Entertainment), Showtime Networks, CBS Sports Network, TVGN (a joint venture between CBS Corporation and Lionsgate), Smithsonian Networks, Simon & Schuster, CBS Television Stations, CBS Radio, CBS Outdoor, CBS Television Studios, CBS Global Distribution Group (CBS Studios International and CBS Television Distribution), CBS Interactive, CBS Consumer Products, CBS Home Entertainment, CBS Films and CBS EcoMedia.

DESCRIPTION:

This position is responsible for planning and managing Information Technology (IT) internal controls process improvement initiatives. Identify and management of improvements to the design and operating effectiveness of internal controls in response to large scale IT projects or the identification of internal control weaknesses. Capture significant learning from internal and external resources to enable leading practices.

ESSENTIAL RESPONSIBILITIES:

  • Manage the preparation, planning and execution of SDLC related IT control tests Pre and Post System Implementation.

  • Manage the identification and evaluation of new third party IT service providers.

  • Partner with all levels of IT management, SOX PMO and Internal and External Audit to ensure that SOX SDLC testing is conducted in a cooperative, timely and efficient manner with value added reporting and cost effective recommendations being provided to management to strengthen controls

  • Routinely summarize and communicate to the affected project team control owners and IT management, control weaknesses identified during testing. Share any insight into operations or suggestions for corrective actions and improvements that will drive increased efficiency and mitigate risk.

  • Prepare reports on findings and recommendations for policy, procedure and internal control improvements

  • Partner with all levels of IT management, SOX PMO and Internal and External Audit in the design, implementation and monitoring of internal control remediation plan execution through ‘deficiency closed’ phase.

  • Identify on an on-going basis relevant industry trends and potential evolving risks facing IT initiatives, potential changes to IT internal controls over financial reporting and assess their impact on the scope and strategy of the IT Department

  • Provide or assist in preparing and conducting IT focused internal controls training

  • Perform customary administrative tasks and responsibilities.

  • Other assignments or special projects as requested by management

QUALIFICATIONS:

Required:

  • Ten or more years of technology and audit experience (general technology controls, application, and security) within a public accounting, and/or internal audit function

  • Five or more years of experience with internal controls evaluation, COSO, COBIT, ITIL, ITGCC, and SOX 404 requirements including all phases of planning, evaluation, documentation, testing and remediation.

  • Demonstrated proficiency of technology auditing control disciplines including thorough knowledge in two or more and general knowledge in relevant areas of technical specialization (security, application development, change management, or operations).

  • Working knowledge of:


  • Oracle Database Administration, Security Administration and e-Business Suite (a plus) Auditing

  • SAP HANA Auditing

  • Windows Operating System and Active Directory Security including Users and Groups, Group Policy, Domain Structures, Security and Auditing

  • UNIX / Linux Operating System Security, including Users and Groups, System Configurations, File Permissions, Privileged Accounts, Password Controls, Security and Auditing

  • Excellent written and verbal communication skills with the ability to present control analysis and recommendations with clarity and professionalism

  • Ability to lead teams and motivate people

  • Comfortable with meetings and leading discussions with senior staff

  • Superior skills in planning, managing and controlling activities of a diverse team

  • Customer focused and professional in work ethic and performance

  • Demonstrated track record of integrity, effective communication, commitment to teamwork, innovation, and excellence

  • A BA or BS Degree or equivalent in Information Systems, Accounting, Finance, Business, or related field

Preferred:

  • Professional Certification is preferred (CISA, CISSP, SSCP, CPA, or equivalent)

#DICE

#LI-PS1

EEO STATEMENT:

Equal Opportunity Employer Minorities/Women/Veterans/Disabled