IT SOX Compliance Manager

Group Security (GS) Risk, Architecture and Compliance Team is seeking a highly motivated IT SOX Compliance Manager.

The selected candidate will be part of the IT SOX Compliance team. The IT SOX Compliance team within Group Security is responsible for assessing Nokia’s IT SOX exposure and ensuring adherence to compliance requirements by establishing control frameworks, monitoring compliance, and providing subject matter expertise

This function will assume following responsibilities: 

• Maintain IT General Controls risk & control matrix, scoping of controls per application by collaborating with the Nokia Internal Controls Team.
• Establish SOX program governance to ensure adherence to the IT SOX requirements
• Perform risk assessments and ensure SOX readiness of the newly scoped in applications by coordinating with the Digital Office or Business Groups.
• Plan, drive and monitor the internal and external audit activities and ensure success by liaising internally with various stakeholders.
• Manage the deficiency reporting lifecycle, support effective remediations that mitigate identified risks and related exposure analysis.
• Perform impact assessment of IT SOX controls for projects and transformation programs and drive IT SOX compliance.
• Collaborate with internal stakeholders (CFO, Digital Office, Business Groups) in the governance forums, share periodic updates, and represent Group Security in the leadership update forums on IT SOX topics.

The following are the key tasks for the selected candidate:

• Work with Nokia Internal Controls to assess IT SOX risks, update and maintain the Control Catalogue, address IT SOX scoping topics.
• Collaborate with and provide subject matter expertise support to internal stakeholders from Digital Office and Business Groups on control design, implementation, and operation topics.
• Proactively identify and drive the improvement opportunities in the control environment.
• Coordinate IT SOX audits with internal and external auditors, handle governance and ensure smooth and timely completion of the audits.
• Advise & lead timely completion of remediation activities for the deficiencies and ensure appropriate exposure analysis is performed.
• Attend the governance forums and ensure alignment with the internal stakeholders (Nokia Internal Controls, Digital Office, Business Groups etc.,) on key IT SOX topics

• At least eight plus years of experience (including mandatory significant experience in Big 4 audit firms) in IT SOX audits/compliance, IT governance, risk and compliance
• Excellent knowledge of IT processes, applications, and infrastructure
• Experience with assessing and reviewing technology risks and controls over areas including access management, change management, and computer operations for IT applications and infrastructure (operating systems, databases, and network components) 
• In-depth knowledge and understanding of IT SOX requirements
• Solid organizational, analytical and problem-solving skills with the ability to gather and critically evaluate information
• Experience with ERP systems, preferably SAP
• Ability to work effectively independently and with cross-functional teams
• Ability to effectively prioritize and execute tasks in a high-pressure environment
• Strong proficiency in Microsoft Office
• Excellent command of written and spoken English.
• Education and Certifications (one or more of the below):
  • Undergraduate degree in information systems or computer science.
  • Advanced degree in engineering, cybersecurity, information assurance, information security, information systems or computer science.
  • Certified Information Systems Auditor (CISA).
  • Certified Information Systems Security Professional (CISSP).
  • The ability to work toward obtaining relevant certifications

Come create the technology that helps the world act together

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.
We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work

What we offer
 
Nokia offers continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.

Nokia is committed to inclusion and is an equal opportunity employer

Nokia has received the following recognitions for its commitment to inclusion & equality:

• One of the World’s Most Ethical Companies by Ethisphere
• Gender-Equality Index by Bloomberg
• Workplace Pride Global Benchmark

At Nokia, we act inclusively and respect the uniqueness of people. Nokia’s employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law.
We are committed to a culture of inclusion built upon our core value of respect.

Join us and be part of a company where you will feel included and empowered to succeed.