IT Risk Analyst

Brilliant Earth - IT SOX Risk Analyst 

Position Overview: 

The IT Risk Analyst will play a crucial role in ensuring Brilliant Earth’s compliance with SOX regulations, focusing on IT General Controls, key report testing, risk assessments, and remediation activities. This position requires a deep understanding of IT audit practices, control procedures, and system implementations, with a focus on strengthening internal controls and mitigating IT-related risks. The Risk Analyst will work closely with cross-functional teams, including IT, security, data, compliance, and internal audit, to support SOX 404 assertions, conduct impact analysis, and help optimize the SOX compliance program.  
 

Responsibilities: 

SOX Compliance & Risk Management: 

• Lead the development, documentation, and implementation of IT General Controls (ITGCs) for SOX compliance, ensuring alignment with regulatory requirements. 
• Conduct risk assessments across the technical landscape, including the review of system implementations, data migrations, and SDLC controls. 
• Lead the analysis of root causes, impact assessments, and remediation efforts related to control deficiencies. 
• Conduct periodic reviews of Segregation of Duties (SOD) and application controls across the company’s systems. 
• Review, assess, and evaluate system reports for accuracy, completeness, and effectiveness. 

Audit & Control Design: 

• Assist with IT audit requests and serve as a key liaison between IT and business teams during audits. 
• Collaborate with internal audit to design testing programs for SOX 404 assertions, ensuring that control procedures are appropriately tested and documented. 
• Manage the internal controls repository (Audit Board), ensuring it is up to date with control design and testing documentation. 
• Lead the design and implementation of controls for new systems, processes, and launches, ensuring that appropriate internal controls are in place before launch. 
• Work with third-party service providers to assess SOC reports and evaluate control practices for outsourced services. 

Process Improvement & Optimization: 

• Continuously seek opportunities to improve the efficiency and effectiveness of the SOX program through process optimization and automation. 
• Manage and lead company-wide training initiatives for process and control owners to ensure they are informed of internal controls and SOX compliance requirements. 
• Play a key role in the company’s annual and semiannual risk assessment processes, ensuring that emerging risks are identified and addressed in a timely manner. 

Stakeholder Engagement & Reporting: 

• Develop and present SOX compliance findings and assertions for leadership and Audit Committee meetings. 
• Foster collaboration with the IT, security, data, and compliance teams to ensure consistent and effective SOX documentation and monitoring. 
  • Build strong partnerships with business and IT owners to coordinate remediation activities, develop and assist in executing remediation plans 
  • Coordinate annual and periodic control and system certifications 
• Collaborate with internal and external auditors to streamline ITGC testing, walkthroughs, and audit procedures, driving efficiencies and minimizing business disruption. 

Qualifications: 

Required Experience & Skills: 

• 5+ years of experience in IT/Internal Audit or Risk Assurance, with a focus on SOX compliance and ITGCs. 
• Strong understanding of control procedures, frameworks (e.g., COSO), and risk assessment practices, with the ability to assess and manage risk within IT systems and processes. 
• Proven experience with IT audit, control testing, and process documentation. 
• Strong project management skills, with the ability to manage multiple tasks and prioritize competing demands effectively. 
• Excellent communication and interpersonal skills, with a demonstrated ability to build relationships and influence teams across departments. 
• Critical thinking and problem-solving abilities to analyze control deficiencies and propose effective remediation strategies. 
• Proficient in Microsoft Office suite applications, including Excel, Word, and PowerPoint. 

Preferred Qualifications: 

• Professional certifications such as CISA, CIA, CFE, or CISSP are highly preferred. 
• Experience working in public accounting with a PCAOB-registered firm. 
• Knowledge of IT project management principles and best practices. 
• Familiarity with ERP systems such as NetSuite, Salesforce, and Oracle, particularly with respect to SOX compliance and internal controls. 

What We Offer: 

At Brilliant Earth, we’re passionate about the employee experience. That’s why we offer an excellent training program and endless opportunities for career growth! In addition, we offer competitive compensation and a robust benefits package, including: 

• Insurance. Medical, dental, and vision insurance kick in on the first day of your 2nd month! 
• 401k match. We know that saving for the future is important. That's why we offer a generous 401k match. 
• Open PTO Policy. We know it’s important to recharge and relax. 
• Disability and Life insurance. 100% employer-paid. 
• Pre-Tax Commuter Benefits. 
• Continued Education. Company-sponsored learning in leadership, professional skills, diversity & inclusion, and access to tuition reimbursement for role-specific trainings. 
• Employee Discounts. As an employee at Brilliant Earth, you’ll receive a generous discount on our jewelry. 
• Wellness Benefits. We offer access to exclusive discounts on gym memberships and more, as well as an Employee Assistance Program for 24/7 access to counseling. 
• Giving Back and Volunteer Opportunities. In addition to our giving back programs, our teams support local initiatives and spend time together by volunteering 

More About Us
 

At Brilliant Earth, our mission is to cultivate a more transparent, sustainable, compassionate, & inclusive jewelry industry. We believe in creating jewelry you can feel good about wearing, without ever compromising between quality and conscience. We are hard-working team players that welcome challenges and rise to any occasion. Our community of collaboration, respect and encouragement is fostered by frequent team events, cross-departmental meetings and celebrating our wins, big and small. As one of the fastest growing e-commerce jewelers in the world, we're searching for bright and passionate people who are excited to make an impact from day one and grow with the company to take on greater responsibility over time.

Brilliant Earth recognizes the value of diversity and inclusion on our team, as we work together to reinvent fine jewelry in a thoughtful and modern way. At Brilliant Earth, we celebrate each other – our successes, the lessons along the way, and the unique perspectives each individual brings to our team. It is our intent to maintain a work environment and hiring process which is free of harassment or discrimination because of sex, race, religion, color, national origin, physical or mental disability, genetic information, marital status, age, sexual orientation, gender identity, military service, veteran status, or any other status protected by Federal, State or local laws. We are committed to complying with all Federal, State and local laws providing Equal Employment Opportunities, and all other employment laws and regulations.

If you need assistance or reasonable accommodation completing an application or at any stage of the interview process, please reach out to us at accommodations@brilliantearth.com.