IT SOX&Risk Mgmt Analyst

Company: Gulfstream Aerospace Corporation

Preferred skills include the following:

• Ability to translate complex technical vulnerabilities into business impacts
• Python and SQL experience
• Hardening Standards experience establishing baselines
• Control Compliance efforts
• Problem Solving and Data Analytics experience
• People skills to include team player, collaboration, relationship building, influencing, active listening, translation of technical terms

Bachelor's Degree in IT related area, Business Administration required or equivalent combination of education and experience sufficient to successfully perform the essential functions of the job. 5 years of Finance, Accounting, or Information Technology functions or relevant experience.

Position Purpose
:
Under general supervision, supports the IT governance function with an emphasis on Sarbanes Oxley (SOX), Risk Management, and Internal Audit. The position works closely with accounting on SOX control testing, reporting and remediation plans. It also works closely with the business and IT on internal audit, internal assessments, establishing controls, continuous process improvement, and remediation plans. Monitors compliance with operating policies and procedures that affect both IT and the company as a whole.

Principle Duties and Responsibilities (Essential Functions):

• Support Annual IT SOX Effort and annual Internal Audit Efforts.
• Working with Accounting, define the annual IT SOX audit plan and the Internal Audit Plan.
• Coordinate the scheduling of IT audits with Accounting, IT Management, Process Owners and other interested parties.
• Report interim and final audit findings and recommendations.
• Maintain open lines of communication with accounting, IT, and the business.
• Meet all internal and external audit deadlines.
• Operational Management Support of IT SOX and Cyber Security.
• Collaborate with process owners, Accounting, and Internal/External Audit, and other experts to manage tasks.
• Regularly evaluate new or revised processes/controls to ensure they are operating effectively.
• Obtain signoff from management of the revised processes within each manager’s area of responsibility.
• Maintain a library of project documentation.
• Prepare and deliver training workshops, sessions, materials, and presentations to assist process owners, employees, and management with transition from old processes or controls to new ones.
• Regularly report progress to management team, stakeholders and other parties.
• Manages Patch and Vulnerability Team (PVT) efforts.
• Reports PVT Metrics.
• Manages Risk Assessments process.
• Monitors compliance with organization policies and standards.
• Identifies opportunities that use information security methodologies and / or controls to improve processes, documentation, or other areas of security related performance.

Perform other duties as assigned.

• Advanced degree or certification desirable. Masters Degree may offset one year where a PhD in related field may be used to reduce work experience by two years.

A credit history check from a national credit bureau will be conducted for all candidates for this position including new hires and current employees seeking promotion or transfer.

This job requires one to be able to read, write, speak, and understand the English language.

Requisition Number: 231449

Category: Information Systems

Percentage of Travel: Up to 25%

Shift: First

Employment Type: Full-time

Posting End Date: 03/13/2026

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Gulfstream does not provide work visa sponsorship for this position, unless the applicant is a currently sponsored Gulfstream employee.

Nearest Major Market: Savannah

Job Segment: Risk Management, Internal Audit, Compliance, Cyber Security, Business Process, Finance, Legal, Management, Security