SOX IT Analyst

Hims & Hers is the leading health and wellness platform, on a mission to help the world feel great through the power of better health. We are redefining healthcare by putting the customer first and delivering access to care that is affordable, accessible, and personal, from diagnosis to treatment to delivery. No two people are the same, so we provide access to personalized care designed for results. By normalizing health & wellness challenges and innovating on their solutions, we’re making better health outcomes easier to achieve. 

Hims & Hers is a public company, traded on the NYSE under the ticker symbol “HIMS.” To learn more about the brand and offerings, you can visit hims.com/about and hims.com/how-it-works . For information on the company’s outstanding benefits, culture, and its talent-first flexible/remote work approach, see below and visit www.hims.com/careers-professionals.

Our SOX team manages all aspects of Sarbanes-Oxley (SOX) Act compliance, including overseeing the effectiveness, efficiency, and scalability of the company's processes, systems, and underlying internal control environment, whether through the SOX compliance efforts or by conducting special projects. To support business growth, we have created a new SOX IT Analyst role. This role will be reporting to the Head of SOX and is remote based. As an IT Analyst, you will assist in facilitating the SOX Annual Cycle, including supporting the documentation refresh process, assisting in executing annual risk assessments, and preparing IT partners for control walkthroughs. Other responsibilities include performing SOX IT process testing, with the expectation of appropriately communicating testing results to management. This position acts as an advisor to our IT partners to drive continuous process improvement.

• Work with IT partners to gain an understanding of the process, risks, and key controls and assist in updating applicable process documentation, including updating control descriptions, testing attributes and flowcharts.

• Plan and execute IT process SOX testing and documentation activities with consistent quality, including testing of non-routine SOX controls.

• Maintain SOX status trackers with internal stakeholders, the SOX team and external auditors, and assist in resolving the open items in a timely manner.

• Assist with scheduling walkthroughs and calendaring meetings for SOX Annual Cycle.

• Participate in key SOX special projects (System Implementations, Segregation of Duty Assessments, Fraud Risk Assessments).

• Advise IT partners in designing new processes and controls.

• Make recommendations regarding the efficiency and effectiveness of processes, controls, and procedures to ensure data integrity and security.

• Assist with deficiency remediation tracking and validate closure of issues.

• Assist with managing SOX compliance software, AuditBoard.

• Assist with providing routine training and support to process owners to ensure a thorough understanding of the SOX program, risk and control requirements; help prepare the process owners for walkthroughs and ensure timely delivery of all requested information for SOX testing.

• Facilitate key SOX special projects (system implementations, significant business and process changes).

• Build strong working relationships with business partners and external auditors.

• Champion risks and controls considerations across the organization.

• B.S. in Finance or Accounting, or IT/Computer Information Systems, or equivalent.

• 2+ years of experience in public accounting and/or industry preferred

• Hold or be on track to obtain one or more industry-related certifications, such as Certified Public Accountant, Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)

• Strong understanding of financial audit and financial & operational internal control methodologies and terminology (e.g. COSO), as well as the Sarbanes Oxley Act of 2002, including documentation and testing

• Fundamental understanding of IT security and infrastructure

• Proven technical understanding of financial accounting and Generally Accepted Accounting Principles (U.S. GAAP), and understanding of and ability to research and apply guidance to changing control environment

• Experience with scoping and testing IT systems and IT controls preferred

• Experience administering and using a GRC tool (preferred)

• Detail-oriented and exceptionally organized

• Excellent written and verbal communication skills to “engage in the conversation”

• Confidence / willingness to ask questions and raise issues / concerns in a timely manner

• Must be able to multi-task, work efficiently under tight deadlines and proactively track and report progress

• Sound professional judgment and business acumen

• Self-motivated to apply learned experiences and leverage best practices