Lead Analyst - SOX Audit and Control

Job Description

We are looking for a talented and experienced professional with sound knowledge and experience in SOX Audit and Control for one of our global Investment Banking Clients.

• Own the SOX risk assessment and scoping exercise to identify significant accounts, disclosures, and relevant assertions across investment banking, asset management, and trading divisions.
• Design and evaluate the effectiveness of Internal Controls, ensuring they mitigate risks associated with complex financial products and regulatory reporting.
• Conduct end-to-end walkthroughs of high-risk business processes; maintain and update risk-control matrices (RACMs), process flowcharts, and control narratives.
• Perform and review Test of Design (ToD) and Test of Operating Effectiveness (TOE) for both manual business controls and IT General Controls (ITGCs).
• Identify, document, and track control deficiencies; collaborate with process owners to develop robust remediation plans and verify the effectiveness of implemented fixes.
• Act as a primary point of contact for external auditors to facilitate quarterly and year-end audits, ensuring timely delivery of audit evidence and resolution of queries.
• Prepare high-quality audit reports and presentations for senior management and the Audit Committee, highlighting key control trends and systemic risks.
• Provide expert guidance on the control implications of new accounting standards (e.g., US GAAP/IFRS), business process changes, or the implementation of new trading and accounting systems.
• Assist in SOX transformation activities such as controls automation, standardization of controls environment, and adoption of data analytics in testing.
• Support the quarterly and annual SOX certification exercises.

Skills Required

• Minimum of 5 years of experience in SOX Audit and Control roles.
• Strong understanding of investment banking operations, including derivatives, fixed income, equities, and the lifecycle of a trade.
• In-depth knowledge of Sarbanes-Oxley Act, COSO 2013 framework, and PCAOB auditing standards.
• Proven experience in risk-based audit planning, sampling methodologies, and testing of complex spreadsheet/End User Computing (EUC) controls.
• Familiarity with IT General Controls (Access, Change Management, Operations) and experience with GRC tools (ServiceNow, Workiva, or MetricStream) and ERP systems.
• Ability to analyse large datasets to identify anomalies; proficiency in data visualization or CAATs (Computer Assisted Audit Techniques) is highly preferred.
• Exceptional verbal and written communication skills, with the ability to translate technical control language into actionable business insights for non-audit stakeholders.
• Strong organizational skills with the ability to manage multiple workstreams and deadlines in a fast-paced, high-pressure banking environment.