IT SOX Compliance Analyst (m/f/d)

Jobbeschreibung

Atotech, a brand within the Materials Solutions Division of MKS Instruments, develops leading process and manufacturing technologies for advanced surface modification, electroless and electrolytic plating, and surface finishing. Applying a comprehensive systems-and-solutions approach, Atotech's portfolio includes chemistry, equipment, software, and services for innovative and high-technology applications. These solutions are used in a wide variety of end-markets, including datacenter, consumer electronics and communications infrastructure, as well as in numerous industrial and consumer applications such as automotive, heavy machinery, and household appliances.

With its well-established innovative strength and industry-leading global TechCenter network, MKS delivers pioneering solutions through its Atotech brand – combined with unparalleled on-site support for customers worldwide. For more information about Atotech, please visit us at atotech.com.

MKS in Berlin is looking for an

IT SOX Compliance Analyst (m/f/d)

Reference number: R14021

As an IT SOX Compliance Analyst (m/f/d) you will partner with our IT functions, control owners, process experts, internal finance auditors and external auditors to ensure compliance to established Sarbanes Oxley (SOX) controls throughout the year. You will execute control testing, provide support to internal and external auditors, produce work paper documentation, identify control issues through an unbiased lens. In this role, you will report to an IT SOX Manager.

You Will Make an Impact By

• Primary role is to perform risk based/security audits in areas such as but not limited to applications (internal and external), databases, operating systems, networks, sensitive data, patch management, change management, BCP/DR, third party vendors, cloud, etc.
• You will utilise appropriate resources to plan the audit engagement and effectively lead interviews/meetings to ensure relevant information is obtained for analysis
• Effectively perform testing procedures and draw conclusions on the operating effectiveness of relevant controls through the preparation of formal reports
• Prepare working papers that are clear and concise, describe in sufficient detail the work performed and conclusions reached, comply with departmental and professional standards and are sufficient to obtain a satisfactory rating from auditors
• Identify control issues and findings in a timely manner and ensure that findings are based on relevant facts and accurately characterized (based on risk); provide guidance on remediation of control issues, mitigating actions and follow-up actions
• Clearly communicate control findings to internal audit management as soon as they are identified

• Bachelor's degree in Computer Science or Management Information Systems
• Professional experience appropriate for this role in the field of IT Audit, risk assurance or compliance
• Strong knowledge of SOX requirements and the COSO internal control framework, IT General Controls (ITGC) Risk-and Control-Matrix, control design and operating effectiveness of ITGCs, Segregation of Duty, Service Organization Control (SOC) Report analysis
• Working knowledge and audit experience of tools & technical processes including identity & access management, database management; software development and quality assurance methodologies, change management, vulnerability management, penetration testing, data loss prevention, batch processing, business continuity/disaster recovery planning; enterprise architec-ture, telecommunications, data center operations, etc.
• Audit knowledge of most of the following Application Software (internal & external facing), SAP ERP, Oracle EBS, Databases (SQL/Oracle), OS (Windows/Linux), Cloud Computing Systems, Microsoft Azure, Amazon Web Services (AWS), Active Directory, Microsoft Office 365, AuditBoard etc.
• High level of initiative, ownership, continuous improvement as well as organizational, critical thinking and problem-solving skills
• Strong English language skills

Preferred Skills

• Understanding of IT control frameworks (COBIT, ISO 27002, NIST, ITIL, etc.)
• Knowledge of SOX 302/404, SSAE 16/SOC1/2/3, PCI /GLBA
• Certification such as CISA, CRISC or equivalent
• Experience working in a multi-national company
• German language

Globally, our policy is to recruit individuals from wide and diverse backgrounds. However, certain positions require access to controlled goods and technologies subject to the International Traffic in Arms Regulations (ITAR) or Export Administration Regulations (EAR). Applicants for these positions may need to be "U.S. persons." "U.S. persons" are generally defined as U.S. citizens, noncitizen nationals, lawful permanent residents (or, green card holders), individuals granted asylum, and individuals admitted as refugees.

MKS Instruments, Inc. and its affiliates and subsidiaries ("MKS") is an affirmative action and equal opportunity employer: diverse candidates are encouraged to apply. We win as a team and are committed to recruiting and hiring qualified applicants regardless of race, color, national origin, sex (including pregnancy and pregnancy-related conditions), religion, age, ancestry, physical or mental disability or handicap, marital status, membership in the uniformed services, veteran status, sexual orientation, gender identity or expression, genetic information, or any other category protected by applicable law. Hiring decisions are based on merit, qualifications and business needs. We conduct background checks and drug screens, in accordance with applicable law and company policies. MKS is generally only hiring candidates who reside in states where we are registered to do business.

Mehr