Director of IT Audit & Compliance

Date: Feb 14, 2024

Location: Nashville, TN, US, 37228

Company: A. O. Smith Corporation

Company / Location Information

We are one of the leading manufacturers of water heating and water treatment technologies in the world. We are a $3.5 billion company with 140+ years history and we employ more than 12,000 individuals globally who pride themselves on providing the world with innovative water technology. We are committed to Continuous Improvement, not just in our factories or processes, but in our people.

Primary Function

The Director is responsible for assessing and evaluating existing and emerging risk, addressing audit issues, reviewing controls design and execution and designing/ executing proactive compliance monitoring in collaboration with corporate management, internal and external audit and business units.   Additionally, the director provides financial oversight and review to ensure spend processes are in compliance with GAAP and other financial requirements.

 

Responsibilities

  • Provide leadership to the Business Technology Services (BTS) team in achieving internal process improvement, effectiveness, enhanced competency and awareness for SOX controls and related regulatory requirements

  • Lead organizational change, including establishing roles and responsibilities and building aligned coalitions with BTS and functional leaders

  • Ensure new systems and significant changes to the IT environment are proactively addressed for considerations impacting IT General Controls (ITGC), that the right controls are incorporated in projects and that ongoing systems of sustainability are established to enable effectiveness

  • Develop, implement, and maintain a comprehensive SOX compliance program using a risk-based approach across the company’s technology, including emerging technologies

  • Perform ongoing monitoring and tracking to ensure that controls are designed and functioning effectively, with the primary focus being the SOX in scope applications

  • Enhance existing controls to ensure effective risk mitigation, adherence to control frameworks and drive process improvements

  • Communicate issues, deficiencies and progress of remediation efforts effectively to BTS Leadership, Executive Leadership, including the audit committee

  • Consult with BTS, internal audit and business partners on techniques and system control methodologies

  • Produce audit reports for ongoing monitoring activities and share recommendations and observations with applicable audiences, both technical and non-technical

Role Specific Responsibilities

  • Act as the primary liaison with internal and external auditors, coordinating audits, related requests and drive the development and implementation of corrective actions with BTS

  • Perform deficiency evaluation, including identification of mitigating controls, defining remediation action plans and monitoring the implementation of corrective actions

  • Develop and deliver comprehensive and recurring SOX compliance training for relevant stakeholders across the organization

  • Able to research new and better ways of mitigating risks using emerging technologies

  • Communicate timely status updates (both verbal and written) to team members and management

  • Provide leadership to the team in achieving internal process improvement, effectiveness, and greater levels of competency

  • Assess existence, efficiency, and effectiveness of the IT control environment by directing control/process optimization

Qualifications

  • Bachelor's degree in Business Administration, Management Information Systems, Accounting or related.

  • 6+ years of related experience with a minimum of 4years in SAP security/controls

 

Additional Qualifications:

  • CISA preferred

  • Proven experience with managing IT audit processes and deliverables

  • Prior experience developing presentations for communication to the audit committee

  • Experience with ensuring compliance for SAP hosted/cloud environment

  • Experience with assessment and management of SSAE18 SOC1/SOC2 compliance process

  • Experience contributing to and establishing the organizational change management characteristics necessary to establish and maintain control operational effectiveness

  • Have a track record for building effective mechanisms to hold control owners accountable and developing/designing compliance training programs for business and IT management teams

  • Experience with SAP GRC module, understanding configuration and best practice

  • Excellent oral/written communications, analytical, organizational, teamwork, and interpersonal skills

  • Excellent problem-solving skills with ability to analyze situations, identify existing or potential problems and recommend solutions

  • Ability to multi-task in a fast-paced environment

  • Demonstrated outstanding level of professionalism, including ability to exercise good judgment, discretion, tact, and diplomacy

We Offer

Competitive compensation package and comprehensive benefits plans which include medical and dental insurance, company-sponsored life insurance, retirement security savings plan, short- and long-term disability programs and tuition assistance.


Nearest Major Market: Nashville

Job Segment: Wastewater, Water Treatment, Compliance, Internal Audit, Business Process, Engineering, Legal, Finance, Management