6th March 2026
IT Control/SOX Analyst
Business Analyst
London
Up to £500 per day (outside IR35)
IT Control/SOX Analyst
City of London (hybrid)
Up to £500 per day – outside IR35
On behalf of a growing insurance business, I am seeking an experienced IT Control/SOX Analyst on an initial 6-month contract basis. You will play a key role in assessing, testing, gathering attestation information, monitoring process and ensuring that our IT controls meet the requirements for SOX compliance. You will collaborate closely with cross-functional teams to provide advisory services, identify gaps, recommend improvements, and help implement solutions that mitigate risks and improve overall control effectiveness.
We are pleased to offer this role on a hybrid basis with an expectation of 3 day per week in their City of London office.
Responsibilities:
- Perform detailed assessment and evaluation of IT controls for SOX compliance, focusing on areas such as access controls, change management, system development, and data integrity.
- Provide feedback to control owners around internal controls, assessments, remediation, and documentation.
- Collaborate with stakeholders to gather evidence required for audits of IT internal controls and key operational process and ensure SOX compliance requirements are met.
- Identify potential risks and assist in developing strategies for mitigating those risks.
- Maintain and update the IT scoping and risk assessments, including maintaining the internal IT controls, procedures, and documentation
- Assist in the development of testing plans, procedures, and scripts to assess the design and operational effectiveness of IT controls.
- Provide guidance on remediation efforts for identified deficiencies and assist with implementing corrective actions.
- Improve IT Controls and Process documentation (ie, work with process owners to refine risk control Matrix, improve process flows, refine/develop test procedures, propose control language and associated risks etc.)
- Maintain up-to-date knowledge of regulatory requirements and best practices in IT controls and SOX compliance.
- Assist with the quarterly IT Controls certification process with business process owners, aligning with reporting timelines.
Skills/Experience required:
- At least 3 years of experience in SOX IT auditing, compliance or a similar role, with hands-on experience in testing IT systems, applications, and security controls.
- Strong understanding of SOX compliance requirements and IT general controls (ITGCs) and IT Automated Controls (ITACs), including design, implementation, and testing requirements within a SOX framework
- Excellent knowledge of a wide range of technology (infrastructure, applications, networking, cyber security, IT governance).
- Familiarity with IT control frameworks such as COBIT, NIST or ISO 27001.
- Excellent analytical, problem-solving, verbal and written communication skills with the ability to interact effectively with all levels of management
- Ability to work independently, in a fast-paced environment manage multiple tasks, and meet deadlines.
- Bachelor’s degree in Information Technology, Computer Science, Accounting or a related field, with a preference for Certifications such as CISA, CISSP, or CRISC.
Consultant - Brendan Connolly
Telephone: 0207 392 7512
Email: brendan.connolly@spencer-rose.com
Share This Position