SOX IT Program Manager

ESP - FERROVIAL - HQ RdL (Madrid)

Ferrovial


About us:

Ferrovial is one of the world’s leading infrastructure operators, committed to developing sustainable solutions. 

 

Our company operates in more than 15 countries and has a workforce of over 24,000 professionals worldwide. Ferrovial is listed simultaneously on 3 stock markets: USA (Nasdaq), the Netherlands (Euronext Amsterdam), and Spain (IBEX 35), and is a member of the Dow Jones Sustainability Index and FTSE4Good.

 

The aim of Ferrovial Corporation is to design the Company's strategy, establishing global policies, guidelines and action guides for the different functional areas of the Organization (Internal Audit, Finance, Human Resources, Legal, IT, Innovation, etc.), which are subsequently developed and adapted to the specificities of each Business Unit. Additionally, it provides corporate services to the different companies of the group, while consolidating their information.

 

Job Description:

Mission:

Ferrovial is facing a historic and challenging milestone, being listed on the US stock exchange, and is therefore enhancing its internal control system for SOX compliance. The Manager will assist in the supervision of the audit staff and be responsible for managing the planning and completion of assurance and advisory engagements. They will assist in the supervision of the SOX program implementation and be responsible for overseeing the progress of the outsourced assurance providers to ensure timely completion of agreed-upon deliverables.

Responsibilities:

  • Manage SOX IT implementation and operation in Ferrovial at a global level including the different companies and business units in scope.
  • Oversee the definition and maintenance of Risk & Control Matrices, Flowcharts and Narratives for all the applications in scope. This includes:
    • ITGCs and IT processes.
    • ITACs
    • IPEs
  • Manage the process to keep the GRC tool up to date in terms of ITGCs, ITACs, IPEs, applications and other SOX key assets.
  • Define and deploy criteria to determine whether an application is in-scope.
  • Define and deploy applications onboarding and offboarding processes.
  • Perform risk assessments on applications to identify key and non-key controls.
  • Provide and manage support to IT Teams throughout the Internal Audit continuous audit program, as well as SOX external audits.
  • Manage communication and coordination with auditors.
  • Oversee definition, implementation and follow up of remediation plans for all the elements in scope (ITGCs, ITACs & IPEs) resulting from the different audit processes, as well as changes in the organization, IT environments, etc.
  • Report to SOX Governing Bodies. Define and develop KGIs and KPIs in coordination with the financial department, internal audit and IT.
  • Coordinate and communicate with other areas (Cybersecurity, Compliance) to align internal control models.
  • Contribute to the growth and development of the team by providing coaching, continuous feedback, and training.
  • Identify opportunities to increase efficiency and/or reduce costs related to the SOX compliance effort.
  • Provide ongoing education to process owners on evolving SOX regulations and company finance and information systems policies.
  • Contribute to internal digitalization and the automation of SOX related processes such as generation of documents, evidence, reports, action plans, etc.
  • Define and oversee the implementation strategy for evidence automation.
  • Be accountable for rationalizing the SOX compliance campaigns and progressively reducing the friction they cause.
  • Oversee and encourage the testing and adoption of specific tools with the aim of reducing manual intervention and time spent.

Requirements

  • Bachelor's degree in Computer Science or Telecommunications with more than 8 years of experience in SOX IT compliance/assessment projects, either as part of audit engagement teams or in SOX IT advisory engagements. At least 5 years in a Big 4 accounting firm.
  • Experience in the implementation of a SOX IT Program on the company side will also be considered a plus.
  • Knowledge of a wide range of technology (applications, infrastructure, networking, IT management controls). Experience with SAP and Archer is helpful.
  • Knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001, NIST CSF).
  • A solid understanding of SOX compliance requirements, including PCAOB requirements.
  • Understanding of business processes (e.g., order to cash, procure to pay, financial reporting) and of audit and internal control testing techniques.
  • Detail-oriented, self-motivated and flexible work style, with good prioritization skills. Ability to multi-task and work in a fast-paced, global, team-oriented environment, managing various stakeholders with competing demands.
  • Strong project management, people management, and communication skills.
  • Professional qualification such as CISA, CISM, ISO 27001 Lead Auditor or equivalent is an asset.
  • Ability and willingness to travel – up to 20% of the year.
  • Fluent in English and Spanish.

Why Ferrovial?

We would like you to get to know us better, and what it means to join our team. Joining Ferrovial means taking the leap to:

  • Being part of a leading company in its sector
  • A solid and innovative company project
  • Challenging roles and projects
  • Work with the best professionals in a collaborative environment
  • Attractive benefits
  • Feedback processes implemented to ensure professional growth
  • Diversity and inclusion initiatives
  • Global and cross Business Units Mobility

What can we offer you?

  • Employment stability with a permanent contract from the beginning
  • Individual development plan with technical and soft skills training
  • Restaurant card: 11€ for each full-time day
  • Work-life balance: flexible hours, shorter working days on Fridays, at Christmas, Easter and in summer, special company days off, and purchase of vacation days
  • Flexible Remuneration Plan: Medical insurance, Nursery Tickets, Vehicle rental, life and accident Insurance, stock bonus, collective savings insurance, transport card
  • Gympass Enrollment
  • Free access to the Stimulus Program (Psychological support for employees and family members)
  • Assignment of a buddy who will accompany you throughout the journey, to support your professional and personal development during your first three months
  • Employees' Club: discounts for employees on purchases, show ticket reservations, trips, etc.
  • Vending Machines card: refreshments in the cafeteria
  • Healthy snacks

If you are passionate about challenges and you think you fit the profile described, do not hesitate to apply for the offer. Take the jump! We are waiting for you!
