Cigna - Bloomfield, CT
posted about 2 months ago
Full-time - Mid Level
Hybrid - Bloomfield, CT
5,001-10,000 employees
Insurance Carriers and Related Activities
About the position
The Information Technology (IT)/SOX Internal Auditor role at The Cigna Group is a global position focused on leading IT general computing control testing for Sarbanes-Oxley (SOX) and non-SOX environments. The auditor will collaborate with various technology teams to enhance SOX control practices, identify control gaps, and support audit activities, ensuring compliance and risk mitigation across the organization.
Responsibilities
- Execute key functions of Internal Audit's SOX/SOC oversight program for Evernorth
- Coordinate testing oversight, evidence gathering, deficiency analysis, and additional testing in support of external and internal audit teams
- Collaborate with Financial Compliance team and SOX office to assess scope and facilitate testing coverage
- Meet frequently with control owners to assess compliance with audit requests
- Collaborate with technical teams to interpret control requirements and assess design and operating effectiveness of key controls
- Identify and communicate internal and external security/audit risks through analysis of control evidence
- Assess the effectiveness of IT general controls, including system development, security, backup, disaster recovery, and maintenance controls
- Review and provide feedback on scope changes to systems and infrastructure and integrate them into SOX testing strategy
- Assist internal SOX testing team in execution of annual SOX test program
- Perform and document testing over key IT general controls
- Review and respond to internal and external data requests for regulatory audits
- Assist with engagement planning, fieldwork, and reporting
- Advise management on control implementation, remediation, and process changes, including follow-up on identified gaps
- Develop and deliver risk and control awareness training
- Prepare, review, and deliver documentation and reports for internal and external stakeholders
- Influence senior and line management on risk and control matters
- Manage and review the work of staff performing control assessments, providing feedback and improvement opportunities
- Contribute to process improvements, including establishing continuous monitoring models and staying current on emerging technology trends.
Requirements
- Bachelor's degree in a related field
- 6+ years of relevant experience
- Strong understanding of controls, risk, and audit methodology over information technology
- Excellent written and verbal communication skills
- Innovative enterprise mindset (self-starter, action-oriented, results-driven)
- Proactive approach to improving internal processes
Nice-to-haves
- Certifications such as CISA, CIA, CISM, or CISSP preferred
- Expertise in executing regulatory compliance audits such as SOX and SOC1
Benefits
- Smoking cessation program
