WHAT IS BOX?

Box is the world’s leading Content Cloud. We are trusted by more than 115K organizations around the world today, including nearly 70% of the Fortune 500 and leaders across deeply regulated industries (such as AstraZeneca, JLL, and Nationwide), to protect their data, fuel collaboration, and power critical workflows with secure, enterprise AI.

By joining Box, you will have the unique opportunity to continue driving our platform forward. Content powers how we work. It’s the billions of files and information flowing across teams, departments, and key business processes every single day: contracts, invoices, employee records, financials, product specs, marketing assets, and more. Our mission is to bring intelligence to the world of content management and empower our customers to completely transform workflows across their organizations. With the combination of AI and enterprise content, the opportunity has never been greater to transform how the world works together and at Box you will be on the front lines of this massive shift.

Founded in 2005, Box is headquartered in Redwood City, CA, and we have offices across the United States, Europe, and Asia.

WHY BOX NEEDS YOU:

The IT SOX Analyst will be responsible for ensuring that the ITGC and Business Process Controls are compliant with SOX requirements. This role will include facilitating the evidence collection process with various enterprise systems teams, supporting testing, providing SOX training, and documenting processes and controls. You will also play a key role in identifying opportunities to automate and streamline the evidence submission process, ensuring efficiency and accuracy.

WHAT YOU'LL DO:

Collaborate with enterprise systems teams to gather necessary documentation and evidence for ITGC and Business Process Controls. Facilitate the timely submission of evidence required for SOX compliance testing, ensuring all deadlines are met. Support SOX testing and assist in the identification of control deficiencies or areas for improvement. Act as the point of contact between internal teams (IT, Finance, Internal Audit) to ensure smooth evidence gathering and submission. Develop and deliver SOX training to system administrators and other relevant stakeholders to ensure they understand their role in compliance activities. Maintain a readiness culture within the team, ensuring they are always prepared to support the SOX audit process and respond to audit requests. Keep all administrators and relevant teams informed on updates to SOX controls, policies, and procedures. Prepare and maintain documentation of ITGC and Business Process Controls, including detailed process flows, control narratives, and the evidence required for each control. Ensure all processes, controls, and evidence requirements are clearly documented for compliance audits. Maintain a repository of process and control documentation for easy access and reference by internal stakeholders and auditors. Identify opportunities to automate and streamline evidence collection and reporting processes to improve efficiency and reduce manual efforts. Collaborate with IT and enterprise systems teams to implement automation solutions that ensure compliance and enhance data accuracy. Continuously assess and optimize the effectiveness of controls and evidence management processes. Support the execution of control testing related to ITGC and Business Process Controls, ensuring that all tests are completed accurately and on time.Analyze results from testing and recommend improvements to internal controls based on identified risks or deficiencies.Assist in identifying and mitigating IT-related risks that could impact SOX compliance or the effectiveness of internal controls. Coordinate with external auditors during the SOX audit process, providing necessary documentation and explanations as required.Ensure that control deficiencies identified during audits are properly addressed and tracked for remediation.Prepare reports summarizing SOX audit progress, findings, and remediation efforts for management. Stay updated on changes to SOX regulations and industry best practices related to ITGC and Business Process Controls.Recommend and implement best practices to enhance SOX compliance, internal controls, and operational efficiency.Collaborate with cross-functional teams to ensure that new systems, applications, and processes are in compliance with SOX requirements.

 

WHO YOU ARE:

3+ years of experience in SOX compliance, internal audit, or related fields with a focus on ITGC and Business Process Controls. Experience working with enterprise systems teams to gather evidence for SOX audits. Hands-on experience with SOX testing, risk assessments, and documentation. Familiarity with SOX compliance requirements, ITGC frameworks, and Business Process Controls. Proficiency with compliance and audit tools (e.g., Auditboard, Workiva, MetricStream, TeamMate). Strong understanding of IT systems,  access management, and change management processes. Experience identifying opportunities to automate compliance processes or evidence collection workflows. Strong communication skills with the ability to explain technical SOX-related concepts to non-technical stakeholders.Experience providing training to cross-functional teams on SOX compliance and internal controls.Ability to collaborate with IT, Finance, and internal audit teams to gather evidence and resolve compliance issues. Excellent analytical and problem-solving abilities, with attention to detail in reviewing processes, controls, and evidence.Ability to assess risks, identify control deficiencies, and recommend solutions.

Preferred Skills

Certification in Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or Certified SOX Professional (CSP) is a plus Experience with GRC platforms (Governance, Risk, and Compliance tools) is a plus

BENEFITS
Check out the overview of the benefits and additional perks offered at Box.

EQUAL OPPORTUNITY

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability, and any other protected ground of discrimination under applicable human rights legislation.

For details on how we protect your information when you apply, please see our Personnel Privacy Notice.

For more details on how Box Poland protects your information, please see our Supplemental Personnel and Candidate Privacy Notice. 

Learn more about the Enterprise Systems Team from Hima Satoor, Director, Enterprise Systems Tech Delivery:  

#LI-KS2