ITT is a leading manufacturer of critical components for harsh environments that serves fast-growing end markets in flow, aerospace and defense, energy and transportation. Building on our heritage of innovation, we partner with our customers to deliver solutions to the key industries that underpin our modern way of life.
Headquartered in Stamford, CT, we have more than 11,700 employees globally with operations in ~40 countries and sales in more than 125. At our core is our engineering DNA, with 1,280+ engineers, 1,700+ active global patents and ~51 manufacturing locations.

Our businesses are organized in three distinct segments, each based around our core engineering DNA: 

Industrial Process: A global leader in centrifugal and twin-screw pumps and engineered valves for chemical, energy, mining, and industrial applications. Our leading brands include the iconic Goulds Pumps (with more than 175 years of history), Bornemann, Habonim, Engineered Valves, Rheinhütte Pumpen and Svanehøj. 

Motion Technologies: A global leader in brake pads (ICE and electrified brake pads) and shock absorbers (energy absorption solutions) for transportation applications. Our leading brands include Friction Technologies, KONI and Axtone.

Connect and Control Technologies: A leader in critical applications for the aerospace, defense and industrial markets, including harsh environment connectors and control components. Our leading brands include ITT Cannon, Enidine, Aerospace Controls and kSARIA. 

This role focuses on ensuring the Information Technology’s function is compliant with various compliance frameworks such as Sarbanes-Oxley (SOX), ISO27001, NIST 800-171, NIS2 and similar regulatory frameworks by assessing, auditing and monitoring IT systems, processes and controls to ensure they adhere to the relevant frameworks.

The position requires close collaboration with internal IT teams, external and internal auditors, IT leadership, and multiple departments globally to:

• Lead compliance assessments
• Identify gaps, potential compensating controls / mitigations
• Provide clarity on compliance status
• Define action plans to remediate gaps or enhance compliance posture
• Act as a project manager to own, lead and facilitate remediation / improvement efforts.

For a person to be successful in this role, they will need to be highly driven (“high motor”), able to balance multiple  active priorities, detail oriented, planful, comfortable in searching out and addressing ambiguity, able to consistently deliver results to achieve intended business outcomes, persists with a naturally curious and highly accountable mindset, and approaches situations in a thoughtful and process-oriented manner. 

This role comes with an enormous opportunity to gain experience professionally, functionally, technically, and personally in an efficient and collaborative team atmosphere with global reach.

• Work closely across a developed network of relationships that span functions, Value Centers, geographies and third- party partners.
• Work and follow up with designated control owners to have control evidence collected in a timely fashion.
• Facilitate communication and alignment among the auditors and the control owners.
• Act as single point of contact to manage audit escalations.
• Prepare reports/trackers to help the control owners plan for the evidence extraction and submission to the auditors.
• Conduct audits and assessments of IT systems and processes against compliance frameworks.
• Prepare documentation and evidence for internal and external audits.
• Collaborate with IT leadership and stakeholders to address compliance gaps.
• Work with the control owners to develop and implement remediation plans for identified control gaps and or deficiencies. Drive the implementation of risk-mitigation/corrective actions as appropriate.
• Evaluate and test internal controls, conduct risk assessments and gap analyses, collaborate with the ITT control owners and the auditors to address compliance issues.
• Maintain knowledge of evolving compliance requirements and update processes accordingly.
• Support the walkthroughs and assessments, including tests of design and tests of effectiveness.
• Create and maintain detailed documentation of IT control processes, narratives, risk and control matrices.
• Define and implement repeatable practices and processes based on identified risks and/or result from internal control testing.
• Collaborate with internal and external auditors to support audit activities and provide necessary documentation.
• Participate in projects, as a functional lead, when executing the integration of business units into SOX compliance.
• Act as primary administrator of the internal compliance tools to support the audit process and maintain the evidence inventory for future reference.
• Prepare and present reports on IT compliance status, findings, remediation actions and recommendations to senior management. Enhance/create Power-BI reports and present detailed status reports
• Expand the assessment of ITT’s internal systems for all compliance frameworks, as requested.
• Assist with other compliance efforts, as requested.
• Develop and update internal controls documentation and LMS training modules, keeping them current.

Train IT and non-IT stakeholders on IT compliance requirements and best practices.

• Bachelor's degree in fields such as Information Technology, Computer Science, Accounting, or Finance.
• 4-5 years’ experience in IT audit, compliance, or risk management roles.
• Strong understanding of SOX regulations, risk management, and internal IT controls.
• Experience with IT internal controls testing is a mandatory requirement.
• Proficiency in administering and using audit and compliance software tools.
• Experience with SOC and ISO27001 Information Security frameworks is a plus.
• Experience with vulnerability management processes is a plus.

Certifications such as Certified Information Systems Auditor (CISA), Certified Sarbanes-Oxley Expert (CSOE), or Certified Internal Auditor (CIA) are a plus.

• Strong knowledge of the SOX compliance framework and IT General Computer Controls.
• Strong analytical skills: ability to analyze complex data, identify risks, and develop solutions to mitigate/address risks as appropriate.
• Able to work in ambiguous contexts: works following a detail-oriented approach and has demonstrated ability define clear action items and ownership to address/resolve the situation at hand.
• Excellent oral and written communication skills. Strong documentation skills.
• Excellent problem-solving skills.
• Strong understanding of the organization’s goals and objectives.
• Solid relationship management skills.
• Excellent interpersonal skills, with a focus on listening and questioning skills.
• Ability to absorb and retain information quickly.
• Strong and natural attitude to be detail oriented.
• Ability to work independently and effectively prioritize and execute tasks in a high-pressure environment.
• Ability to stay updated on changes in SOX regulations and best practices.
• Experience with working as part of a global team and able to accommodate flexible working hours to support US-based stakeholders as required.