Brilliant Earth - IT SOX Risk Analyst
Position Overview:
The IT Risk Analyst will play a crucial role in ensuring Brilliant Earth’s compliance with SOX regulations, focusing on IT General Controls, key report testing, risk assessments, and remediation activities. This position requires a deep understanding of IT audit practices, control procedures, and system implementations, with a focus on strengthening internal controls and mitigating IT-related risks. The Risk Analyst will work closely with cross-functional teams, including IT, security, data, compliance, and internal audit, to support SOX 404 assertions, conduct impact analysis, and help optimize the SOX compliance program.
Responsibilities:
SOX Compliance & Risk Management:
- Lead the development, documentation, and implementation of IT General Controls (ITGCs) for SOX compliance, ensuring alignment with regulatory requirements.
- Conduct risk assessments across the technical landscape, including the review of system implementations, data migrations, and SDLC controls.
- Lead the analysis of root causes, impact assessments, and remediation efforts related to control deficiencies.
- Conduct periodic reviews of Segregation of Duties (SOD) and application controls across the company’s systems.
- Review, assess, and evaluate system reports for accuracy, completeness, and effectiveness.
Audit & Control Design:
- Assist with IT audit requests and serve as a key liaison between IT and business teams during audits.
- Collaborate with internal audit to design testing programs for SOX 404 assertions, ensuring that control procedures are appropriately tested and documented.
- Manage the internal controls repository (Audit Board), ensuring it is up to date with control design and testing documentation.
- Lead the design and implementation of controls for new systems, processes, and launches, ensuring that appropriate internal controls are in place before launch.
- Work with third-party service providers to assess SOC reports and evaluate control practices for outsourced services.
Process Improvement & Optimization:
- Continuously seek opportunities to improve the efficiency and effectiveness of the SOX program through process optimization and automation.
- Manage and lead company-wide training initiatives for process and control owners to ensure they are informed of internal controls and SOX compliance requirements.
- Play a key role in the company’s annual and semiannual risk assessment processes, ensuring that emerging risks are identified and addressed in a timely manner.
Stakeholder Engagement & Reporting:
- Develop and present SOX compliance findings and assertions for leadership and Audit Committee meetings.
- Foster collaboration with the IT, security, data, and compliance teams to ensure consistent and effective SOX documentation and monitoring.
- Build strong partnerships with business and IT owners to coordinate remediation activities and to develop and assist in executing remediation plans.
- Coordinate annual and periodic control and system certifications.
- Collaborate with internal and external auditors to streamline ITGC testing, walkthroughs, and audit procedures, driving efficiencies and minimizing business disruption.
Qualifications:
Required Experience & Skills:
- 5+ years of experience in IT/Internal Audit or Risk Assurance, with a focus on SOX compliance and ITGCs.
- Strong understanding of control procedures, frameworks (e.g., COSO), and risk assessment practices, with the ability to assess and manage risk within IT systems and processes.
- Proven experience with IT audit, control testing, and process documentation.
- Strong project management skills, with the ability to manage multiple tasks and prioritize competing demands effectively.
- Excellent communication and interpersonal skills, with a demonstrated ability to build relationships and influence teams across departments.
- Critical thinking and problem-solving abilities to analyze control deficiencies and propose effective remediation strategies.
- Proficient in Microsoft Office suite applications, including Excel, Word, and PowerPoint.
Preferred Qualifications:
- Professional certifications such as CISA, CIA, CFE, or CISSP are highly preferred.
- Experience working in public accounting with a PCAOB-registered firm.
- Knowledge of IT project management principles and best practices.
- Familiarity with ERP systems such as NetSuite, Salesforce, and Oracle, particularly with respect to SOX compliance and internal controls.
What We Offer:
At Brilliant Earth, we’re passionate about the employee experience. That’s why we offer an excellent training program and endless opportunities for career growth! In addition, we offer competitive compensation and a robust benefits package, including:
- Career Growth. We want to see you sparkle! Through regular 1-1’s with your manager, a variety of training opportunities, and an annual 360 review process for all employees, our leaders are dedicated to creating clear pathways for growth.
- Diverse, mission-minded team. We were founded to cultivate a more transparent, sustainable, compassionate, & inclusive jewelry industry.
- Lifestyle Spending Account. At Brilliant Earth, we're committed to your well-being. Enjoy company reimbursements for eligible wellness expenses, such as gym memberships, massage, counseling, and more!
- Continued Education. Company-sponsored learning in leadership, professional skills, diversity & inclusion, and access to tuition reimbursement for role-specific trainings.
- Employee Discounts. As an employee at Brilliant Earth, you’ll receive a generous discount on our jewelry.
- Mental Wellness Perks. We offer access to mental health resources, such as self-care apps and seminars. Our Employee Assistance program offers 24/7 access to counseling!
- Giving Back and Volunteer Opportunities. In addition to our giving back programs, our teams support local initiatives and spend time together by volunteering.
- Medical, Dental, and Vision. We offer multiple plans to choose from, including a $0 monthly premium option for employee health insurance and employer HSA contributions. Insurance kicks in on the first day of your 2nd month!
- 401k match. We know that saving for the future is important. That's why we offer a generous 401k match.
- Open PTO Policy. We know it’s important to recharge and relax.
- Parental Leave. We aim to support our growing families. Employees can utilize our paid parental leave to bond and care for their new additions.
- Disability and Life insurance. 100% employer-paid.
- Pre-Tax Commuter Benefits.