As an IT Senior Analyst, you are responsible for leading, reviewing, remediation, and support audits related activities to Sarbanes-Oxley (SOX), Privilege access review (PAR), Cybersecurity Maturity Model Certification (CMMC) Level 1 and 2.   

You will play a crucial role planning, executing, and reporting on audits related to Sarbanes-Oxley (SOX) compliance and Cybersecurity Maturity Model Certification (CMMC) requirements, to ensure our organization maintains robust internal controls over financial reporting and meets Department of Defense (DoD) cybersecurity requirements for handling Controlled Unclassified Information (CUI).  

The scope of work includes working with compliance team and preparing monthly, quarterly SOX report for all the applications under commercial tower.  You will also be working and collaborating with internal Cyber security, Infrastructure and Application teams to take the input and guidance regarding CMMC2 and other certifications.   

The ideal candidate will have a strong background in IT audit, cybersecurity frameworks, and regulatory compliance within highly regulated industries such as finance, defense, or healthcare. 

In addition, you will be working with team on license compliance for various applications this team supports.  A candidate should have experience working with SaaS vendors as most of the applications that we currently deal with on license consumptions are SaaS vendors. 

What You Will Do: 

• Perform activities by following Stryker’s compliance framework and processes. 

• Plan, execute, and report on SOX audits, focusing on IT General Controls (ITGCs) and application controls. 

• Evaluate and test internal controls, identify gaps, and recommend remediation strategies. 

• Collaborate with cross-functional teams (IT, finance, cybersecurity, legal) to ensure compliance and timely remediation. 

• Maintain audit documentation, risk assessments, and evidence repositories. 

• Support external auditors and DoD assessors during formal evaluations. 

• Monitor regulatory changes and update audit programs accordingly. 

• Provide training and guidance on SOX and CMMC requirements to  concerned stakeholders

What You Need: 

• Bachelor's Degree or equivalent from an accredited university required; bachelor’s degree in the areas of Information Systems, Cybersecurity or related field of study preferred.  

• 4 to 7 years of experience in SOX IT audits, license management, cybersecurity compliance.  

• License management for IT applications. 

• Strong understanding of PAR, SOX, CMMC, Risk management and internal control testing. 

• Demonstrated ability to lead and collaborate with cross-functional teams, and cross international geographical regions.