IT Risk Analyst

Brilliant Earth - IT SOX Risk Analyst 

Position Overview: 

The IT Risk Analyst will play a crucial role in ensuring Brilliant Earth’s compliance with SOX regulations, focusing on IT General Controls, key report testing, risk assessments, and remediation activities. This position requires a deep understanding of IT audit practices, control procedures, and system implementations, with a focus on strengthening internal controls and mitigating IT-related risks. The Risk Analyst will work closely with cross-functional teams, including IT, security, data, compliance, and internal audit, to support SOX 404 assertions, conduct impact analysis, and help optimize the SOX compliance program.
Responsibilities: 

SOX Compliance & Risk Management: 

• Lead the development, documentation, and implementation of IT General Controls (ITGCs) for SOX compliance, ensuring alignment with regulatory requirements. 
• Conduct risk assessments across the technical landscape, including the review of system implementations, data migrations, and SDLC controls. 
• Lead the analysis of root causes, impact assessments, and remediation efforts related to control deficiencies. 
• Conduct periodic reviews of Segregation of Duties (SOD) and application controls across the company’s systems. 
• Review, assess, and evaluate system reports for accuracy, completeness, and effectiveness. 

Audit & Control Design: 

• Assist with IT audit requests and serve as a key liaison between IT and business teams during audits. 
• Collaborate with internal audit to design testing programs for SOX 404 assertions, ensuring that control procedures are appropriately tested and documented. 
• Manage the internal controls repository (Audit Board), ensuring it is up to date with control design and testing documentation. 
• Lead the design and implementation of controls for new systems, processes, and launches, ensuring that appropriate internal controls are in place before launch. 
• Work with third-party service providers to assess SOC reports and evaluate control practices for outsourced services. 

Process Improvement & Optimization: 

• Continuously seek opportunities to improve the efficiency and effectiveness of the SOX program through process optimization and automation. 
• Manage and lead company-wide training initiatives for process and control owners to ensure they are informed of internal controls and SOX compliance requirements. 
• Play a key role in the company’s annual and semiannual risk assessment processes, ensuring that emerging risks are identified and addressed in a timely manner. 

Stakeholder Engagement & Reporting: 

• Develop and present SOX compliance findings and assertions for leadership and Audit Committee meetings. 
• Foster collaboration with the IT, security, data, and compliance teams to ensure consistent and effective SOX documentation and monitoring. 
• Build strong partnerships with business and IT owners to coordinate remediation activities, develop and assist in executing remediation plans 
• Coordinate annual and periodic control and system certifications 
• Collaborate with internal and external auditors to streamline ITGC testing, walkthroughs, and audit procedures, driving efficiencies and minimizing business disruption. 

Qualifications: 

Required Experience & Skills: 

• 5+ years of experience in IT/Internal Audit or Risk Assurance, with a focus on SOX compliance and ITGCs. 
• Strong understanding of control procedures, frameworks (e.g., COSO), and risk assessment practices, with the ability to assess and manage risk within IT systems and processes. 
• Proven experience with IT audit, control testing, and process documentation. 
• Strong project management skills, with the ability to manage multiple tasks and prioritize competing demands effectively. 
• Excellent communication and interpersonal skills, with a demonstrated ability to build relationships and influence teams across departments. 
• Critical thinking and problem-solving abilities to analyze control deficiencies and propose effective remediation strategies. 
• Proficient in Microsoft Office suite applications, including Excel, Word, and PowerPoint. 

Preferred Qualifications: 

• Professional certifications such as CISA, CIA, CFE, or CISSP are highly preferred. 
• Experience working in public accounting with a PCAOB-registered firm. 
• Knowledge of IT project management principles and best practices. 
• Familiarity with ERP systems such as NetSuite, Salesforce, and Oracle, particularly with respect to SOX compliance and internal controls. 

What We Offer: 

At Brilliant Earth, we’re passionate about the employee experience. That’s why we offer an excellent training program and endless opportunities for career growth! In addition, we offer competitive compensation and a robust benefits package, including:

• Career Growth. We want to see you sparkle! Through regular 1-1’s with your manager, a variety of training opportunities, and an annual 360 review process for all employees, our leaders are dedicated to creating clear pathways for growth. Ask the hiring team for more information on how Brilliant Earth creates a culture of collaboration and growth during your interview conversations! 
• Diverse, mission-minded team. We were founded to cultivate a more transparent, sustainable, compassionate, & inclusive jewelry industry. Learn more about our impact and team diversity Here! 
• Lifestyle Spending Account. At Brilliant Earth, we're committed to your well-being. Enjoy company reimbursements for eligible wellness expenses, such as gym memberships, massage, counseling, and more! 
• Continued Education. Company-sponsored learning in leadership, professional skills, diversity & inclusion, and access to tuition reimbursement for role-specific trainings.
• Employee Discounts. As an employee at Brilliant Earth, you’ll receive a generous discount on our jewelry.
• Mental Wellness Perks. We offer access to mental health resources, such as self-care apps and seminars. Our Employee Assistance program offers 24/7 access to counseling! 
• Giving Back and Volunteer Opportunities. In addition to our giving back programs, our teams support local initiatives and spend time together by volunteering.
• Medical, Dental, and Vision. We offer multiple plans to choose from, including a $0 monthly premium option for employee health insurance and employer HSA contributions. Insurance kicks in on the first day of your 2nd month! 
• 401k match. We know that saving for the future is important. That's why we offer a generous 401k match.
• Paid Time Off. We know it’s important to recharge and relax.
• Parental Leave. We aim to support our growing families. Employees can utilize our paid parental leave to bond and care for their new additions.
• Disability and Life insurance. 100% employer-paid.
• Pre-Tax Commuter Benefits.

More About Us