Requisition ID: 31771

Note: This job posting is to fill an existing vacancy.

Do you want to work at one of Hamilton-Niagara's Top Employers and a Canada's Top Employer for Young People ? We’re looking for people who are driven by excellence to work with innovative technology to create the material tomorrow’s world will be made of.

At ArcelorMittal Dofasco, we play a key role in North America’s advanced manufacturing supply chain working with the top automotive, energy, packaging, and construction brands to develop lighter, stronger and more sustainable steel products – from cans to cars.

We are embarking on a plan to transform our steelmaking production methods to significantly reduce greenhouse gas emissions in the short term, with the goal of achieving net zero by 2050. Our dedication to revolutionizing steelmaking as part of the climate change solution reinforces our status as a leader in North America .

ArcelorMittal Dofasco is Hamilton's largest private sector employer with more than 4,500 employees, shipping 4.5 million net tons of high quality flat carbon steel annually. Our iconic tagline "Our Product is Steel. Our Strength is People." is a true expression of our belief that our people are our competitive advantage.

ArcelorMittal Dofasco Job Posting Financial Department SOx ITGC Compliance Specialist (Permanent Position) ArcelorMittal Dofasco is seeking a proactive and detail-oriented SOX ITGC Compliance Specialist to support the execution of our IT General Controls SOX Compliance program. In this dynamic role, you will coordinate key compliance activities including User Access Reviews, ITGC testing, documentation, and remediation tracking. Working closely with the SOX ITGC Compliance Senior Lead, you’ll help strengthen our control posture, ensure audit readiness, and support continuous improvement initiatives. This position offers the opportunity to collaborate across departments, contribute to global compliance standards, and gain exposure to a wide range of technologies and business processes in a leading industrial manufacturing environment.

Overall Responsibility

• Supports the operational execution and tactical coordination of the IT General Controls SOX Compliance program.
• Responsible for assessing, monitoring, and improving the IT General Controls SOX Compliance Program.
• Supports, localizes and ensures compliance with globally issued IT SOX related requirements, policies, and compliance standards.
• Work in collaboration with the SOX ITGC Compliance Senior Lead to advise the IT department to continually strengthen control posture.
• Acts as a liaison between the IT Business Unit, other Business Units, auditors and 3rd parties to ensure compliance with internal control requirements and audit readiness.
• Primarily responsible for coordinating User Access Reviews (UARs), assisting in control testing, maintaining documentation, and ensuring timely remediation of deficiencies.

Key Responsibilities User Access Review (UAR) Coordination

• Coordinate and track periodic UARs across systems within the scope of the IT General Controls SOX Compliance Program.
• Communicate with reviewers to ensure timely completion and escalate delays.
• Validate role appropriateness, reporting structures, and employment status.
• Maintain audit trails and evidence for all UAR activities.
• Provide guidance on tool usage and role descriptions.

ITGC Testing Support

• Assist in the execution of Test of Design (TOD) and Test of Operating Effectiveness (TOE) for ITGCs.
• Collect and organize evidence for walkthroughs and control testing.
• Support remediation tracking and follow-up on open deficiencies.

Compliance Coordination

• With SOX ITGC Senior Compliance Lead, liaise with internal stakeholders (e.g. IT, Finance, Global Assurance) to align on compliance timelines and deliverables to foster a strong control environment and promote a culture of compliance.
• Collaborate with third-party service providers engaged in IT SOX testing activities, ensuring clear communication, adherence to timelines, and quality deliverables.
• Support the implementation of new or updated controls.
• Monitor control performance and flag potential issues for escalation.
• Support regular, ongoing dialogue with IT External Audit team to ensure timely provision of testing materials and coordination to reduce duplication of effort (e.g., joint walkthrough sessions).
• Work in collaboration with the SOX ITGC Compliance Senior Lead to coordinate key report testing and submission of testing result to external auditors.

Remediation & Control Enhancement

• Identify and guide IT Business Unit in remediating control deficiencies, collaborating on solutions and tracking progress.

Reporting & Documentation

• Assisting SOX ITGC Senior Compliance Lead to prepare status updates and dashboards for management and audit teams.
• Ensure documentation is current, complete, and aligned with global AM ITGC standards, including SOX.
• Assist in QAR (Quality Assurance Review) preparations and responses.

Automation, Optimization and Continuous Improvement

• Identify opportunities to automate control testing and monitoring processes using data analytics and automation tools, improving efficiency and scalability.
• Participate in the review and enhancement of the ITGC framework, ensuring it aligns with business needs and evolving technologies.
• Inquire and maintain an understanding of system development, key projects and potential changes to technology that could impact program scope. Identify gaps, support project team in designing and controls, and assessing the design and operating effectiveness of controls.
• Research, maintain currency with regulations and industry best practices related to IT controls and SOX compliance.

Project Management

• Support projects related to controls transformation, tracking milestones, coordinating teams, and ensuring timely delivery.
• Participate in projects aimed at improving overall governance, risk management, and compliance frameworks. This may include business engagement meetings, facilitation or co-facilitation of training and awareness sessions and presentations to stakeholders.

Risk Assessment and Program Methodology

• Review and provide feedback on IT risk assessments and remediation plans.
• IT SOX Methodology: Accountable for supporting development of local IT SOX related guidance, frameworks, testing requirements and communication expectations with control owners and service providers, as appropriate.
• Global IT SOX Methodology: Work collaboratively with IT SOX Lead to support the communication and implementation of Global IT SOX Methodology by the local team.
• IT Control Documentation: Ensure development or maintenance of relevant IT controls documentation (e.g., ITGC Business Application Scoping, IT Control Framework, risk-control matrices, narratives, flowcharts, test plans, etc.)

Education & Accreditation

• Bachelor's degree in Information Systems, Computer Science, or a related field.
• Professional certifications such as Certified Information Systems Auditor (CISA) or Certified Internal Auditor (CIA) is considered an asset.
• Minimum of 3+ years of experience in IT audit, internal controls, or compliance, with a focus on SOX compliance.
• Prior Big 4 accounting firm experience is an asset.

Knowledge

• Intermediate to advanced knowledge of SOX requirements and supporting a SOX programs.
• Intermediate to advanced knowledge of SOX internal controls framework.
• Intermediate to advanced and practical experience in designing, evaluating, and testing various IT General Controls (ITGCs) across different technology environments, including but not limited to:
• Access Management (e.g., user provisioning, privileged access, segregation of duties, logical access reviews across applications, databases, and operating systems).
• Change Management (e.g., development, testing, and promotion to production, emergency changes, system configurations, patch management).
• System Operations (e.g., job scheduling, data backups and recovery, incident management, monitoring).
• Program Development (e.g., secure coding practices, system development lifecycle controls).
• Data Center Operations (where applicable).
• Network Security Controls (relevant to SOX scope).
• Database Security Controls
• Intermediate to advanced knowledge of IT controls, their application within a SOx environment, risk management frameworks, and industry standards (e.g., COBIT, COSO).
• Strong understanding of IT processes, systems, and technologies, including critical business applications (e.g., SAP ECC/S4HANA, financial systems), underlying infrastructure (servers, databases, networks), and cloud environments.
• Ability to identify risks and provide input to SOX ITGC Senior Compliance Lead on recommended cost-effective controls.Experience in industrial manufacturing (e.g., steel) is an asset.
• Understanding of how IT controls integrate with and support business process controls.
• Knowledge in Audit Board is an asset
• Familiarity with UAR tools and processes, including role-based access models.

Skills

• Strong coordination skills are required.
• Excellent communication skills (verbal and written) are required.
• Strong analytical skills and problem-solving ability.
• Excellent organizational and time-management skills to manage multiple tasks and deadlines with minimal supervision are required.
• Demonstrated and proven ability to work effectively in a team environment and maintain positive interpersonal relationships.
• Strong understanding of IT processes and various technologies used for custom development along with purchased packages where SAP experience is preferred. Ability to translate technical IT concepts into business risks and vice versa.
• Proficiency in Microsoft 365, data query and audit workflow tools.

Work Environment

• Office environment with some plant exposure on various projects.

Hours Of Work Days, Monday to Friday with extended hours as required to meet internal/external customer requirements.

Total Rewards at ArcelorMittal Dofasco

• We provide employees with a market competitive total compensation package. Our promise is to provide superior pay for superior performance, accompanied by comprehensive health and wellness, pension, vacation and related programs.

• Competitive hourly rates and shift premium

• On your first day you will immediately be eligible for:

• Bonus paid quarterly based on Company performance on key goals. Your bonus target will be 10% of base salary earnings.

• Company paid Defined Contribution Pension Plan. No employee contribution required. With employer contributions between 5 and 10%.

• Competitive vacation allowances

• Group Benefits with no health and dental premiums.

• For health and dental claims you only pay amounts above the maximums the plan pays.

• Life insurance premiums are shared with the company.

After two years of permanent company service you will participate in our Profit Sharing , where all permanent employees share equally in allocation of profits.

Other Immediate Benefits Include

• Competitive vacation entitlements
• PPE and workwear provided at no cost (if required)
• Wellness and Employee Assistance Programs
• Free access to three onsite fitness centers and our 70-acre recreation park with multiple arenas, fields and organized sports for you and your family

We would like to thank all those who apply in advance since only applicants selected to complete an online assessment will be contacted.

ArcelorMittal Dofasco is an equal opportunity employer and encourages all qualified candidates to apply and we are committed to providing accommodations for people with disabilities to support their participation in all aspects of the recruitment and selection process. If you require accommodation, we will work with you to meet your needs.