The IT and Information Security Compliance Staff Auditor will be responsible for supporting maintenance of the IT Risk Control Matrix and for performing Sarbanes-Oxley (SOX) IT General Controls (ITGC) and Information Security compliance controls across all divisions and various technology platforms, including SAP and other third-party hosted systems. Besides SOX, the IT and Information Security Compliance Staff Auditor may be assigned controls and required to perform tasks for other compliance programs such as ISO 27001, CMMC, GDPR and regional statutory audit programs as necessary. The Staff Auditor must be familiar with the SOX ITGC control framework, ISO 27001, NIST 800-53, COBIT, and the NIST Cyber Security Framework, and with assessing and testing different aspects of Information Security and SOX ITGC controls, including Change Management, Logical Access, Program Development and Computer Operations, in all technology layers: Application, Database, Operating System and Network. Knowledge of and experience with ISO 27001, NIST 800-53, NIST 800-171 and CMMC is a desirable plus.