"Alerted.org

Position Overview

Atlas Energy Solutions is seeking a highly organized, detail-oriented IT Compliance Analyst – SOX & Access Controls to support and mature our Sarbanes-Oxley (SOX) IT General Controls (ITGC) compliance program. This role will serve as a central point of coordination between the Technology team, external auditors, internal audit partners, and control owners across the organization.

In addition to managing meetings, audit communications, and evidence collection, this individual will execute critical control operations — including access reviews, SOD monitoring, change management oversight, reconciliation processes, and deficiency remediation tracking — across all in-scope systems. The role also requires proactive collaboration with project managers, HR, and IT leadership to ensure a sustainable and audit-ready control environment.

Key Responsibilities

Audit Coordination & Communication

+ Schedule and facilitate meetings between internal stakeholders and external/internal auditors

+ Serve as the liaison between auditors and the technology team to triage and communicate audit requests

+ Track and ensure timely responses to auditor inquiries and evidence submissions

Evidence Management

+ Collect, validate, and maintain control-related evidence (e.g., UARs, PARs, password configs, change records)

+ Maintain a centralized audit evidence tracker with version control and status monitoring

Access Control Operations

+ Perform and document recurring User Access Reviews (UARs) and Privileged Access Reviews (PARs)

+ Review password configurations, access provisioning, and deprovisioning practices for compliance

+ Maintain and regularly update the Segregation of Duties (SOD) matrix, working with application owners to resolve conflicts

+ Reconcile HRIS and IAM systems to validate timely access removal upon termination or role change

Change Management Oversight

+ Coordinate with application teams and project managers to ensure adherence to change management controls

+ Review change tickets for approval, testing, and documentation completeness

+ Support continuous improvement of change control workflows and artifacts

Monitoring & Operational Controls

+ Collaborate with Technology team members to monitor and validate system-level controls (e.g., backups, job monitoring, logging)

+ Participate in walkthroughs or testing of infrastructure controls as needed

Controls Management, Testing & Remediation

+ Assist in drafting and maintaining control narratives and definitions for in-scope systems and tools

+ Support and perform internal control testing in coordination with audit or compliance teams to validate control design and effectiveness

+ Track and follow up on control deficiencies, audit findings, and remediation plans

+ Coordinate with control owners to ensure timely closure and documentation of corrective actions

Flexibility & Broader Compliance Support

+ During periods of lower SOX activity, this role may contribute to other compliance initiatives, such as ISO 27001, SOC 1/2, or similar certification efforts requiring IT participation

Qualifications

+ 3+ years of experience in IT compliance, SOX coordination, or audit support roles

+ Understanding of SOX ITGC domains (access, change, operations) and internal control design

+ Experience performing access reviews and reconciling control data across systems

+ Familiarity with project management processes, access governance, and issue remediation tracking

+ Excellent communication and organizational skills; able to work cross-functionally under deadlines

+ Comfortable handling sensitive access or security information with discretion

Preferred Qualifications

+ Knowledge of frameworks such as COBIT, NIST, ISO 27001, or SOC 1/2

+ Experience with GRC platforms (e.g., AuditBoard, Archer), IAM tools (e.g., Okta, Azure AD), or change management systems (e.g., Jira)

+ Exposure to enterprise platforms (ERP, CRM, custom applications) and cloud environments (Azure)