← all jobs

IT Audit Principal

Work from home Full-time role Hiring

What you'll be doing Lead the evaluation and ongoing monitoring of ITGCs to ensure adequate design, operating effectiveness, efficiency, and compliance with SOX requirements and regulatory expectations. Assess cybersecurity controls that intersect with ITGC domains, including identity and access management, privileged access, logging/monitoring, vulnerability management, and incident response. Drive evaluation of broader cybersecurity programs (e.g., NIST, ISO 27001) as dictated by our audit plan and underlying business objectives. Provide thought leadership and partnered advisory in the planning, scoping, and execution of IT SOX testing activities, including risk assessments and control rationalization. Evaluate System Development Life Cycle (SDLC) controls to ensure secure system implementation practices, including secure coding, change management, and vulnerability remediation. Partner with cybersecurity teams to assess risks related to cloud environments, infrastructure, and applications, ensuring appropriate controls are designed and operating effectively. Act as a liaison to external auditors for ITGC and cybersecurity-related audits, ensuring alignment and timely communication of findings. Lead root cause analysis and provide recommendations for control deficiencies, including those related to cybersecurity incidents and/or control gaps. Provide independent and objective advisory to IT and business stakeholders on control design, risk mitigation, and cybersecurity best practices. Develop, review, and maintain IT control documentation, including process flows, narratives, and control matrices, ensuring alignment with both SOX and cybersecurity requirements. Oversee and enhance the quarterly SOX certification process, incorporating cybersecurity risk considerations where applicable. Monitor emerging cybersecurity threats, regulatory changes, and industry trends, and assess their impact on the organization’s control environment. Enable continuous improvement initiatives across IT Audit and cybersecurity programs, including automation and deployment of new technologies. Support executive leadership with special project advisory that inform strategic initiatives, risk assessments, and special transformational projects as needed. Build and leverage AI solutions and workflows to enable capacity or unlock capability for an Internal Audit function. What you'll likely bring 8+ years of progressive experience in IT audit, IT compliance, SOX, and/or cybersecurity risk management (public accounting and/or industry). Big 4 is a plus. Specialized experience in the Software industry. Bachelor’s degree in Information Systems, Cybersecurity, Accounting, Finance, or related field. Relevant certifications such as CISA, CISSP, CISM, CRISC, CIA, or CPA (or equivalent). What can set you apart Deep experience auditing or supporting systems such as Kinetic, SalesForce, Workday, Microsoft Azure (Entra ID), Active Directory, and different types of cloud environments (IaaS, PaaS, and SaaS). Strong knowledge of ITGC domains (Access Management, Change Management, Interfaces, Backups, Disaster Recovery), SDLC, and their intersection with cybersecurity controls. Deep experience performing cybersecurity audits. Strong understanding of SOX requirements (e.g. 302, 404), principles-based internal control-integrated framework (COSO), IT Frameworks (e.g., COBIT) and cybersecurity control frameworks (e.g., NIST CSF, ISO 27001, CIS Critical Security Controls). Understanding of data protection, privacy regulations, and secure architecture principles. Experience leveraging automation and tools such as Workiva Wdesk, GRC platforms, and AI tools (ChatGPT, Copilot, Claude, etc.). Strong analytical, problem-solving, and risk assessment skills. Excellent communication and stakeholder management skills, with the ability to influence at all levels of the organization. Ability to manage multiple priorities, execute complex tasks, and operate both strategically and tactically. #LI-CM1 #HYBRID About Epicor At Epicor, we’re truly a team. Join 5,000 talented professionals in creating a world of better business through data, AI, and cognitive ERP. We help businesses stay future-ready by connecting people, processes, and technology. From software engineers who command the latest AI technology to business development reps who help us seize new opportunities, the work we do matters. Together, Epicor employees are creating a more resilient global supply chain. We’re Proactive, Proud, Partners. Whatever your career journey, we’ll help you find the right path. Through our training courses, mentorship, and continuous support, you’ll get everything you need to thrive. At Epicor, your success is our success. And that success really matters, because we’re the essential partners for the world’s most essential businesses—the hardworking companies who make, move, and sell the things the world needs. Competitive Pay & Benefits Health and Wellness: Comprehensive health and wellness benefits designed to support your overall well-being. Internal Mobility: Opportunities for mentorship, continuing education, and focused career goal setting, with 25% of positions filled internally. Career Development: Free LinkedIn Learning licenses for everyone, along with our Mentoring Program to boost your personal development. Education Support: Geographically specific programs to balance the cost of education with the benefits of continued learning and personal development. Inclusive Workplace: Collaborate with a diverse team in an inclusive, global workplace that fosters innovation and celebrates partnership. Work-Life Balance: Policies built on mutual trust and support, encouraging time off to rest, recharge, and reconnect. Global Mobility: Comprehensive support for international relocations and permanent residency processes. Equal Opportunities and Accommodations Statement Epicor is committed to creating a workplace and global community where inclusion is valued; where you bring the whole and real you—that’s who we’re interested in. If you have interest in this or any role- but your experience doesn’t match every qualification of the job description, that’s okay- consider applying regardless. We are an equal-opportunity employer. Recruiter: Christi McCall At Epicor, we know that success comes from working together. Everyone has a role to play, and it’s the essential partnerships across our company that are crucial to our customers' success and our growth as a business. We’re truly a team. Working in close partnership, we bring wide-ranging talents together in powerful collaborations. We think innovatively, share our knowledge generously, and constantly learn from our colleagues. We’re proud of the success we achieve every day, but we never stop challenging ourselves and encouraging each other. Together, we go further and imagine an even brighter future. Whatever your career journey, we’ll help you find the right path. Through our training courses, mentorship, and continuous support, you’ll get everything you need to thrive. At Epicor, your success is our success. And that success really matters, because we’re the essential partners to the world’s most essential businesses – the hardworking companies who make, move, and sell the things the world needs. Thank you for considering a career with Epicor. Whether you're exploring opportunities on our careers page, preparing for a phone screen or interview, have already applied, or have been through our application process, we appreciate your interest and the time you have invested. We are committed to showing you how much we care about your future. Epicor Career Assistant can help you land a job nearly 2.5x faster than the national average. We've brought you the best job searching tools all in one place, at no cost to you. At Epicor, we believe putting people first is the right thing to do. Click here to get started. At Epicor, we are committed to upholding the highest standards of integrity and transparency. We have become aware of phishing scams where individuals pose as our recruiters, hiring managers, and/or HR Business Partners to obtain personal information. These scams can seem legitimate, but it's important to know how to protect yourself. How to Identify Phishing Scams: Epicor Will Never Ask for Payment: Our recruiters will never ask for payment to apply for a position or as a condition of employment. For example, any required background check will be facilitated by Epicor. Beware of Misleading Communications: Do not pay any fees to individuals, agencies, or employment portals related to an interview or other interaction with Epicor. Epicor will not be responsible for any loss or damage suffered. Verify Authenticity: All legitimate Epicor communication will come from the following alias/domains: "[email protected]", "[email protected]", and/or "First name.Last [email protected]". The only valid domain is www.epicor.com. Verify job positions on our careers site at jobs.epicor.com and confirm that the recruiter you speaking to is listed on the requisition. Be cautious of generic emails and check for misspellings of Epicor or non-Epicor email addresses (e.g., gmail.com, yahoo.com, or even close variations like @epicor.talent.com). If you have any questions or encounter any suspicious emails, job postings, and/or communication from what appears to be Epicor, please report them to [email protected] immediately.

More open positions

Volunteer: Website Messaging & User Experience Audit

Work from home Full-time role

Remote GRC (Governance, Risk, and Compliance) and Data Privacy Consultant

Work from home Full-time role

Senior GRC Analyst, HIPAA

Work from home Full-time role

Project Manager/ w GRC (REMOTE)

Work from home Full-time role

Looking for Security GRC Analyst (W2 Only) - 100% Remote

Work from home Full-time role

Remote Occupational Therapist in SC

Work from home Full-time role

Head of Growth Marketing and Lifecycle (NYC or Berlin)

Work from home Full-time role

Medical Transcription Remote Jobs - Type and Edit Healthcare Documents | Earn $25-$35 Per Hour

Work from home Full-time role

||Hiring Now – Remote Entry-Level Role | Flexible Schedule | Quick Start Available

Work from home Full-time role

Inbound Customer Service Representative- Remote

Work from home Full-time role

[Remote] Data Management Coordinator

Work from home Full-time role

Business Analyst - Finance Operations Continuity (Remote)

Work from home Full-time role

Nationwide Notary Signing Agent for Loan Closings

Work from home Full-time role

W2 Contract- C2H - Fully Remote Position- MYSQL DBA

Work from home Full-time role

Analyst, Procurement Systems (remote)

Work from home Full-time role

Supervisor of Security Operations (Remote From Anywhere In Colorado) (OIT Only)

Work from home Full-time role

Tech Lead, Android Core Product - College Station, TX, USA

Work from home Full-time role

[Hiring] Clinical Research Associate II / Sr. CRA @Rho Inc

Work from home Full-time role

Account Executive, SMB Team Sales - Cincinnati, OH

Work from home Full-time role

Sr. Product Manager

Work from home Full-time role

Data Analyst (Hybrid)

Work from home Full-time role