Connecting linkedin

IT SOx Tester

  • Location

    London, England

  • Sector:

    Info Security

  • Job type:


  • Salary:

    £525 - £550 per day

  • Contact:

    Amy Harris

  • Contact email:

  • Salary high:


  • Salary low:


  • Job ref:


  • Published:

    about 2 years ago

  • Duration:

    3 months

  • Expiry date:


  • Startdate:


  • Consultant:


Montash have been engaged by a leading Travel Company to source an IT SOx Tester for a 3 month contract role based in London.

The SOx Project is established to implement a SOx controls framework which allows the client to perform SOx controls assessment, remediate any gaps and thus achieve SOx compliance. This include:

  • Identification of SOx controls gaps and ensure an adequate remediation plan is developed. ​
  • Implementation of a SOx controls framework, including the governance structure and reporting processes. ​
  • Transition the SOx controls framework and capability to BAU.


* Perform and document test of IT SOx controls (mainly IT General Controls in Logical Access, Change Management, Program Development and Computer Operations).

* Engage with Control Owners, Control Operators, to walk-through controls, request populations and obtain required evidences.

* Conduct meetings by him/herself with the objective of discuss findings and advise on potential mitigations/compensating controls with Control Owners and Control Operators.

* Update progress of testing in internal tools - SAP (GRC) and Sharepoint.

* The role reports directly to the IT SOx Test Manager, but candidates must be able to technically conclude testing results independently (pass, fail).

* May need to support and/or supervise less experienced Testers (Quality Assurance) whilst still performing own tests.

Essential Skills

* Strong IT Audit (Internal or External) or other IT SOx Testing experience spread among all the Domains (Access, Program Change, Program Development, Computer Operations).

* Be able to work in alternative hours as needed (outside of 8am-5pm) to cater for global time zones) - e.g. run conference calls in the evening or early morning. These can be done remotely, if needed.

* Strong written and verbal communication skills

Nice to have (not essential) Skills

* Work experience acquired from Big 4.

* CISA certified

* Experience in using SAP GRC as testing tool.

* Degree in IT or Computer Science