At T-Mobile, we invest in YOU! Our Total Rewards Package ensures that employees get the same big love we give our customers. All team members receive a competitive base salary and compensation package - this is Total Rewards. Employees enjoy multiple wealth-building opportunities through our annual stock grant, employee stock purchase plan, 401(k), and access to free, year-round money coaches. That’s how we’re UNSTOPPABLE for our employees!
Job Overview
As a Senior Analyst for SOX and IT Regulatory Compliance, you have the unique opportunity to have a direct and measurable impact on T-Mobile’s strategic direction and the company’s bottom line. You’ll need skills that enable you to partner and collaborate in other people’s technical and business groups, rapidly learn the nuances of their business and control areas, complete robust analyses, and recommend meaningful changes in critical business processes for risk management and control compliance. This role requires the ability to work cross functionally with IT, Business, Finance, Risk and compliance and audit teams, utilizing analytical skills in dissecting moderately complex problems and delivering clear recommendations to improve results. This role also interacts with technical SOX teams across the company and so must also be able to communicate complicated analysis, logic, and solutions in a clear and concise manner. Given the impact this position can have on company direction, you must feel comfortable taking and defending polarizing positions based on your work.

Job Responsibilities:

• Assist in establishing and implementing enterprise-wide IT SOX and Operational risk and governance programs including developing the framework, methodology, and tools for risk assessment, issue management, ongoing risk monitoring and reporting, as well as Governance, Risk and Compliance (GRC) platform management.
• Collaborate with Compliance teams to ensure control processes are updated as they evolve. Communicate the compliance framework to all relevant stakeholders at all levels (internal and external).
• Assess and test end-to-end technology processes for T-Mobile from planning, scope development to execution. This includes:
• A. Designing and evaluating end-to-end business systems architecture and processes to effectively manage IT and financial risks to document the end-to-end systems architecture and process to enable risk analysis to be performed.
• B. Identifying IT and financial risks, and designing financial, ITGC and data integrity controls to mitigate these risks leveraging GRC systems and standards such as NIST, COBIT, and other accounting/audit standards.
• 1b. Collaborate with IT, business, 2nd and 3rd line risk functions to update SOX documentation including process flowcharts, narratives, risk and controls matrices and the evaluation of scoping of controls as new systems are developed or modified.
• 2b. Proactively identify opportunities for automating controls through the use of analytics and by partnering with various teams in executing automation to enhance risk mitigation efforts.
• C. Validate design of IT data integrity and general controls and facilitating internal and external audits of technology processes
• Identify root cause and opportunities for improvement of internal controls and acquire consensus on remediation plans with key business partners (IT Operations, Product, Information Security and SOX teams).
• Remediate SOX and IT issues for audit and self-identified issues, including development of remediation plans, and managing execution of remediation plans to remediate risks in achieving operational and compliance objectives.
• Oversee the ongoing monitoring of risks and controls by the IT and financial 1st line and establish ongoing risk reporting for leadership.
• Also responsible for other Duties/Projects as assigned by business management as needed.

Education and Work Experience:

• Bachelor’s Degree Computer Science, Information Technology, Information Systems, Accounting, Business or a related field Area of Study (Required)
• 4-7 years Experience in an IT organization, experience working in SOX program environment. (Required)

Knowledge, Skills and Abilities:

• Communication (Required)
• Microsoft Office, Advanced Excel (Required)
• Microsoft Visio (Required)
• Microsoft Project (Required)
• Internal Audit (Required)
• Internal Controls (Required)
• Procurement & Supply Chain (Preferred)

Licenses and Certifications:

• Certified Information Systems Auditor (CISA) (Preferred)
• Certified Information Systems Security Professional (CISSP) (Preferred)
• At least 18 years of age
• Legally authorized to work in the United States

• Assist in establishing and implementing enterprise-wide IT SOX and Operational risk and governance programs including developing the framework, methodology, and tools for risk assessment, issue management, ongoing risk monitoring and reporting, as well as Governance, Risk and Compliance (GRC) platform management.
• Collaborate with Compliance teams to ensure control processes are updated as they evolve. Communicate the compliance framework to all relevant stakeholders at all levels (internal and external).
• Assess and test end-to-end technology processes for T-Mobile from planning, scope development to execution. This includes:
• A. Designing and evaluating end-to-end business systems architecture and processes to effectively manage IT and financial risks to document the end-to-end systems architecture and process to enable risk analysis to be performed.
• B. Identifying IT and financial risks, and designing financial, ITGC and data integrity controls to mitigate these risks leveraging GRC systems and standards such as NIST, COBIT, and other accounting/audit standards.
• 1b. Collaborate with IT, business, 2nd and 3rd line risk functions to update SOX documentation including process flowcharts, narratives, risk and controls matrices and the evaluation of scoping of controls as new systems are developed or modified.
• 2b. Proactively identify opportunities for automating controls through the use of analytics and by partnering with various teams in executing automation to enhance risk mitigation efforts.
• C. Validate design of IT data integrity and general controls and facilitating internal and external audits of technology processes
• Identify root cause and opportunities for improvement of internal controls and acquire consensus on remediation plans with key business partners (IT Operations, Product, Information Security and SOX teams).
• Remediate SOX and IT issues for audit and self-identified issues, including development of remediation plans, and managing execution of remediation plans to remediate risks in achieving operational and compliance objectives.
• Oversee the ongoing monitoring of risks and controls by the IT and financial 1st line and establish ongoing risk reporting for leadership.
• Also responsible for other Duties/Projects as assigned by business management as needed