Sr Specialist Cybersecurity- SOX Audit ISO 27001

Job Description:

About the Company:

Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won't just imagine the future-you'll create it.

We are seeking a SOX Manage Access-Risk & Technology Senior Specailist, you will be a trusted partner to our cross-functional stakeholders, bringing deep process, technology risk, automated controls and IT general controls expertise, to help the company drive a scalable, well-designed control environment. This is a high-impact individual contributor role, you will be a trusted partner to our cross-functional stakeholders, bringing deep process, technology risk, automated controls and IT general controls expertise, to help the company drive a scalable, well-designed control environment. You'll play a key role in the financial and technology risk assessment, readiness, control optimization, and change enablement for AT&T's SOX program.

What you'll bring

• Lead the identification, assessment, and mitigation of technology risks across the organization.
• Develop and maintain risk frameworks, policies, and procedures aligned with industry best practices.

• Develop and enforce Identity and Access Management (IAM) policies and procedures to ensure compliance with SOX requirements.

• Oversee the control environment for multiple IAM platforms (such as SailPoint, CyberArk, Active Directory, Azure AD), ensuring seamless integration with governance, risk, and compliance (GRC) tools and supporting the organization's overall security and compliance objectives.

• Drive coordination and program management for initiatives impacting SOX scope, including new scope, technology process and control changes and optimization.

• Serve as an end-to-end process and IT control expert advising control and process owners on SOX requirements, risk assessment, control design, and optimization strategies.

• Participate in walkthroughs for high-risk areas and changes to help ensure readiness and control design effectiveness.
• Evaluate process and control changes, evaluate risk, business process transformations, advise on new initiatives for SOX impact, and provide clear, actionable recommendations
• Oversee the documentation of control narratives and perform control testing
• Collaborate with technical and business stakeholders to support the deficiency evaluation process including root cause analysis, impact assessment, management action plan development, remediation monitoring and validation.
• Oversee the development and execution of cybersecurity controls, including access management, vulnerability management, incident response, and data protection.
• Stay current on cyber threats, regulatory requirements, and control frameworks (e.g., NIST, ISO
• Partner with process owners and control owners to drive awareness and understanding of SOX requirements and protocols, control design requirements, and enterprise control strategy.
• Develop and review new and updated testing procedures to ensure control evidence and scope are sufficient and aligned with risk.

Education & Experience:

• 8 + years of experience in internal audit, SOX compliance, risk advisory, or public accounting.
• Bachelor's or Master's degree in a relevant discipline, such as Computer Science, Computer Engineering, Information Systems or equivalent experience preferred, but not required.
• CISA, CRISC, CISSP, AWS Certified Cloud Practitioner or above, CPA, CIA preferred. Deep knowledge of IAM principles and standards (e.g., NIST SP 800-53, ISO 27001, CIS Controls), with practical experience assessing and implementing IAM controls across a technology environment.
• Strong understanding of technology risk, financial reporting risk, internal controls (automated and ITGC), and PCAOB requirements.
• Hands-on experience with SOX readiness, automation, or transformation initiatives is required.
• Working knowledge of information technology best practices and control frameworks.
• Excellent interpersonal skills. Demonstrated ability to influence cross-functionally and at all levels of management and effectively navigate the social dynamics of teams, groups, and organizations.
• Proven leadership and process management skills, including the ability to think and lead multiple complex projects simultaneously.
• High attention to detail and quality, balanced with the ability to see the big picture and identify areas for process simplification.
• Excellent written and verbal communications, presentation, and influencing skills., Superior ability to clearly articulate a point of view and adjust communication style and content to suit audience needs.
• Ability to simplify complex concepts into clear and action-oriented communications and work through ambiguity, with confidence in making tough calls and leading through adversity with a sharp focus on driving the right outcomes.
• Ability to proactively look ahead, anticipate questions, independently assess risk, think critically and creatively to achieve the best outcome, and elevate issues to the right level internally and externally to resolve.

Skills Required

• Ability to lead, plan, execute and evaluate project activities to ensure completion of initiatives
• Skill in mentoring, and performance management
• Skill in using analytical software tools, data analysis methods and reporting techniques
• Skill in using computer applications including MS Office and industry standards
• Ability to communicate effectively in both oral and written form
• Ability to work collaboratively and build relationships across teams and functions
• Ability to work successfully as a member of a team and drive team execution
• Ability to exercise sound judgement in making decisions

• Ability to analyze, organize and prioritize work while meeting multiple deadlines

• Proficiency in analyzing data, identifying trends and preparing reports.

• Familiarity with cloud platforms (AWS, Azure, GCP) and their IAM solutions.
• Deep understanding of IAM tools, IT Security Audits, and Cloud Engineering.
• Experience in reviewing PAM solutions & designing controls around them.
• Extensive experience with technologies such as SailPoint and CyberArk, documenting processes flows and designing SOX controls framework.
• Product experience with SailPoint, CyberArk and Delinea
• Strong understanding of SOX IT General Controls

Supervisory:

No.

Weekly Hours:

40

Time Type:

Regular

Location:

IND:AP:Hyderabad / Argus Bldg 4f & 5f, Sattva, Knowledge City- Adm: Argus Building, Sattva, Knowledge City

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.