Principal Internal Control over Financial Reporting Analyst - ITGC
Company: Navy Federal Credit Union
Location: Vienna
Posted on: July 1, 2025
|
|
|
Job Description:
To provide internal control guidance, evaluate control
effectiveness, and recommend improvements to control-related
practices. Research and establish new practices to ensure credit
union control alignment with Section 404 of the Sarbanes Oxley Act
(SOX). Work closely with key business partners to understand
processes, financial statement risks, and key financial controls to
reduce the risk of financial misstatement. Collaborate with
business units to mitigate risk by virtue of new control-centric
processes and automation. Responsible for gathering data, creating
reports, documenting and assessing Internal Control over Financial
Reporting (ICFR), and producing evidence of control operational and
design effectiveness to facilitate the delivery of auditable
evidence to internal and external auditors. Lead complex/unusual
tasks of considerable impact that require advances analysis. This
role will be on the ICFR team within the Finance organization and
will support ICFR initiatives, specifically related to IT controls
as it relates to financial reporting risks (i.e. user access,
change management, and application-level controls related to
year-end financial statement audits). Responsibilities • Lead
multi-disciplinary control initiatives to evaluate controls,
specifically IT general controls and application controls, and
ultimately transform any control gaps into mature control
environments • Evaluate the operational performance of existing
controls and devise remediation strategies that align control
performance with the appropriate risk mitigation methodology •
Gather and review existing policies, process narratives, and
process models to develop insight into the current state of
business and IT processes • Partner with external and internal
auditors to establish audit scope, evidence, priorities and testing
procedures that will serve as the foundation for the subsequent
audit execution strategy • Design, develop, and implement Key
Control Matrices (KCMs) that summarizes a broad range of business
and IT processes into a control-centric and executive-ready audit
deliverable • Creates and recommends remediation plans for existing
ICFR related Information Technology General Computer (ITGC)
controls to address control gaps in design effectiveness • Validate
and update SOX documentation (e.g., process narratives, and KCMs)
as needed to ensure accuracy and completeness • Identify industry
best practices associated with risk management and develop
subordinate qualitative and quantitative methodologies needed to
address those risks using effective controls • Produce detailed
timelines and milestones for control-related project that enables
external tracking and performance appraisal • Review results from
control and substantive testing to facilitate the remediation of
control gaps and escalate possible critical issues to senior
management • Develop and maintain strategic plans to evaluate new
risk and/or control-based technologies likely to have a significant
future impact on team activity • Lead project teams that resolve
highly technical and complex preventative, detective, or corrective
control problems • Lead, guide and mentor junior staff • Ensure
preventative, detective, and corrective controls are properly
identified and aligned with business and IT priorities such that
new controls have an insignificant negative impact on the
successful realization of business and IT objectives • Solve
control-related business and IT problems by defining the problem,
interviewing stakeholders, identifying and evaluating alternatives,
and presenting findings • Identify business and IT areas that may
benefit from SOX 404 or industry best practices as applicable •
Perform other related duties as assigned Qualifications • Advanced
knowledge of SOX including GAAP principles, financial statement
preparation, and internal accounting controls • Significant
experience with General Ledger (GL) technology including but not
limited to data integration, accounting rules engines, and
financial data hubs/warehouses/marts • Significant experience
re-designing processes to be consistent with SOX 404 guidance and
partnering with business unit personnel to complete the
transformation • Significant experience with extracting and
documenting information technology application control/process
information • Significant experience assessing the design and
operational effectiveness of complementary user entity control
considerations in SSAE 16/18 SOC 1 Type II reports (experience
creating attestations for service organization is preferred) and
SSAE 16/18 SOC 2 Type II reports • Extensive experience in problem
resolution including determining root cause, scope and scale of
issues • Significant experience in leading large
projects/initiatives which have business risk and impact •
Extensive experience in managing multiple priorities independently
and/or in a team environment to achieve goals • Experience in
leading, guiding and coaching professional staff • Extensive
experience that demonstrates the ability to research, compile, and
document data, business processes, and workflow • Advanced
knowledge of IT infrastructure, including operating systems (OS),
database management systems (DBMS), databases (Oracle/DB2/SQL
Server), and queries (SQL) • Advanced skill presenting to
stakeholders & management • Expert skill interpreting and
synthesizing large amounts of information • Advanced skill in
project management to include establishing and leading project
teams; managing timelines/deadlines/resources; ensuring successful
project implementation • Advanced skill analyzing and organizing
problems or work processes for technical solutions • Advanced skill
presenting findings, conclusions, alternatives and information
clearly and concisely • Advanced skill interacting with staff,
management, vendors and members diplomatically and tactfully •
Bachelor’s degree in accounting, Information Systems, Information
Technology, or related field, or the equivalent combination of
experience, education and training Desired Qualifications •
Certified Information Systems Auditor (CISA), Certified Public
Accountant (CPA), or Certified Internal Auditor (CIA) designation
Hours: Monday - Friday, 8:30AM - 5:00PM Locations: 820 Follin Lane,
Vienna, VA 22180 | 5550 Heritage Oaks Drive, Pensacola, FL 32526
About Us Navy Federal provides much more than a job. We provide a
meaningful career experience, including a culture that is
energized, engaged and committed; and fierce appreciation for our
teams, who are rewarded with highly competitive pay and generous
benefits and perks. Our approach to careers is simple yet powerful:
Make our mission your passion. • Best Companies for Latinos to Work
for 2024 • Computerworld® Best Places to Work in IT • Forbes® 2025
America’s Best Large Employers • Forbes® 2024 Americas Best
Employers for New Grads • Forbes® 2024 Americas Best Employers for
Tech Workers • Fortune Best Workplaces for Millennials™ 2024 •
Fortune Best Workplaces for Women ™ 2024 • Fortune 100 Best
Companies to Work For® 2025 • Military Times 2024 Best for Vets
Employers • Newsweek Most Loved Workplaces • 2024 PEOPLE® Companies
That Care • RippleMatch Recruiting Choice Award • Yello and WayUp
Top 100 Internship Programs
Keywords: Navy Federal Credit Union, Bowie , Principal Internal Control over Financial Reporting Analyst - ITGC, IT / Software / Systems , Vienna, Maryland
