Overview
Iovance Biotherapeutics is seeking a Senior Analyst, Security Governance and IT SOX Assurance to support the design, execution, and continuous improvement of the IT SOX program and security governance, awareness, and reporting initiatives.
The Senior Analyst will serve as the first-line point of contact for IT SOX activities, engaging with internal and external stakeholders, driving cross-functional partnership and collaboration between IT and Finance, managing walkthroughs and document request lists, and coordinating the remediation of IT general control deficiencies. The role will also assist in creating and building a security and risk awareness culture.
Essential Functions and Responsibilities
IT SOX Assurance
1. Coordinate and attend walkthroughs, manage SOX request lists, and document risk and control matrices, process narratives, and flowcharts.
2. Collaborate with process owners to review SOX documentation and identify areas for control enhancements or documentation improvements.
3. Coordinate with internal and external auditors to ensure engagement and timely execution of the SOX program.
4. Maintain the overall SOX project plan and internal SOX documentation.
5. Assess, track, and document audit findings, gaps, control deficiencies and remediation activities throughout the audit cycle.
6. Review and document findings as part of the annual SOC-1 review process.
7. Assist in training process owners on SOX compliance program activities.
Security Risk and Compliance (Internal and Third Party)
1. Conduct information security risk assessments of IT solutions (third-party and internally developed) and internal processes.
2. Perform risk assessments on new and existing third parties.
3. Track issues/risks throughout their lifecycle – from initial identification and evaluation to response, mitigation and reporting via the security risk register.
4. Participate in formal security risk analysis and technical assessment programs for various cybersecurity compliance initiatives and processes.
5. Contribute to the continuous improvement of security and compliance processes, including training and guiding team members, consultants, and stakeholders on compliance and risk management best practices.
Security Governance and Reporting
1. Assist in the maintenance of Iovance’s security policies and procedures. Ensure policies are reviewed and updated regularly.
2. Prepare management reports regarding compliance operations and progress.
Security Awareness Training
1. Assist in delivering on the cybersecurity awareness roadmap, including but not limited to:
* creating security awareness content,
* running phishing simulations,
* executing the phishing escalation process,
* updating the cybersecurity intranet site, and
* presenting security awareness topics to stakeholders across the company.
Travel
1. The ability to travel domestically and internationally, as required.
Required Education, Skills, and Knowledge
1. 5+ years’ experience in IT audit, Information Security, and IT domains such as Governance, Risk, and Compliance (GRC). Big 4 or similar experience preferred.
2. BS degree in Computer Engineering, Computer Science, IT, Information Assurance, Business or related field.
3. Previous experience with IT frameworks and regulatory requirements (e.g., NIST CSF, SOX, ISO 27001, etc.).
4. One or more of the following preferred: CISSP, CGRC, CISA, CRISC.
5. Highly organized and detail-oriented, with the ability to facilitate efficient meetings and coordinate activities between multiple parties.
6. Excellent English written and verbal communication skills.
7. Strong technical, analytical and problem-solving skills.
8. Ability to interact with personnel on all levels to resolve issues and provide solutions in a timely manner.
9. Understands the need for, and consistently practices, effective teamwork with others.
10. Capable of prioritizing and managing assignments, tasks and projects to completion with minimal supervision.
11. Ability to maintain a detail-oriented approach while multitasking in a fast-paced environment.
The physical demands described here represent those that an employee must meet to perform the essential functions of this job successfully. Reasonable accommodations may be made upon request to enable individuals to perform essential functions. Please contact Human Resources to request accommodation.
Physical Demands and Activities Required
1. Must be able to remain in a stationary position standing or sitting for prolonged periods of time.
2. Must be able to move about inside an office and exert up to 10 pounds of force occasionally or a negligible amount of force frequently or constantly to lift, carry, push, pull, or otherwise move objects.
3. Must have visual acuity to perform activities such as: preparing and analyzing data and figures, viewing a computer screen, and extensive reading.
4. This position requires repetitive motion, substantial movements (motions) of the wrist, hands, and/or fingers.
5. Must be able to communicate with others to exchange information.
Mental: Clear and conceptual thinking ability; excellent judgment, troubleshooting, problem-solving, analysis, and discretion; ability to handle work-related stress; ability to handle multiple priorities simultaneously; and ability to meet deadlines.
Work Environment
This job operates in a professional workplace or remote office environment and requires standard office equipment and keyboards. Employees who work remotely are expected to maintain their workspace and environment safely and free from safety hazards.
The statements contained in this document are intended to describe the general nature and level of work being performed by a colleague assigned to this description. They are not intended to constitute a comprehensive list of functions, duties, or local variances. Management retains the discretion to add or to change the duties of the position at any time.
Iovance is committed to cultivating and offering a diverse and inclusive work environment. As an equal-opportunity employer, our employees and applicants will be considered without regard to an individual’s race, color, religion, sex, pregnancy, national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information, military and veteran status, and any other characteristic protected by applicable law. If you need assistance or accommodation to apply to one of our opportunities, please contact careers@iovance.com.