IT SOX Analyst

Job Description:

IT SOX Analyst (SAP ERP & Salesforce CRM) - C2

C Position Location:

Bay Area, CA (Onsite)

Duration:

Contract 6-9 months

Start Date:

Immediate /

ASAP Employment Type:

Contract Position Overview We are seeking an experienced IT SOX Analyst for a contract engagement with our client in the Bay Area, CA. The ideal candidate will have strong experience supporting IT SOX compliance , IT General Controls (ITGC), and application controls with solid understanding of SAP ERP and Salesforce (SFDC) CRM environments. This role requires close collaboration with Internal Audit, Compliance, Security, Business, and IT teams to ensure effective control design, execution, remediation, and audit readiness across enterprise applications and supporting systems. The ideal candidate should be detail-oriented, process-driven, and capable of working independently in a fast-paced enterprise environment. This is an onsite role in the Bay Area, CA. Key Responsibilities Support IT SOX compliance activities including: IT General Controls (ITGC) Application Controls Access Controls Change Management Incident Management SDLC controls Perform control testing, documentation review, evidence collection, and gap analysis. Partner with application owners, business stakeholders, and auditors to ensure timely completion of SOX activities. Review and validate user access, segregation of duties (SoD), privileged access, and role-based security controls. Support remediation planning and tracking for identified control deficiencies. Assist in maintaining audit-ready documentation and compliance evidence repositories. Participate in walkthroughs with internal and external auditors. Evaluate control effectiveness within SAP ERP and Salesforce CRM environments. Monitor compliance risks and recommend process improvements and automation opportunities. Required Qualifications 5+ years of experience in IT SOX compliance, IT Audit, or IT Risk Management.

Strong understanding of:

SOX compliance processes ITcontrols Access management controls Change management controls SDLC and operational controls Hands-on experience supporting audits in SAP ERP environments. Good understanding of Salesforce (SFDC) CRM security and access controls. Experience working with Internal Audit and external auditors. Familiarity with user provisioning, role management, and segregation of duties concepts. Strong documentation, analytical, and communication skills. Ability to independently manage multiple priorities and deadlines. Preferred Qualifications Experience with SAP modules such as Finance, Order-to-Cash, Procure-to-Pay, or Supply Chain. Understanding of Salesforce profiles, permission sets, roles, and environment migration controls. Experience with GRC tools and audit/compliance platforms. Exposure to cloud security and SaaS compliance controls. Knowledge of automated controls testing and compliance reporting. Relevant certifications such as are a big plus:

CISA CPA CISSP SAP

Security/GRC certifications Soft Skills Strong attention to detail and organizational skills. Ability to communicate effectively with technical and non-technical stakeholders. Strong problem-solving and risk assessment mindset. Self-driven and proactive approach to compliance activities