Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart, and accessible. Our technology, innovation, partnerships, and networks combine to deliver a unique set of products and services that help people, businesses, and governments realize their greatest potential. Title and Summary IT SOX Manager (Bogota) Overview The Manager, Internal Controls, will take a leadership role supporting our SOX Compliance program within the Finance Organization and will report into the Director of Internal Controls. This position will primarily focus on scoping and evaluation of general IT controls. The Manager will be responsible for managing and executing various aspects of the program including IT scoping, delivery of the program, and reporting of results. The Manager will work closely with the US and India-based SOX teams, shared services center, business owners, Technology Risk team, internal and external auditors, and regional controllers. Requirements for this position include extensive knowledge of IT General Controls framework, SEC/PCAOB regulations, COSO, and US GAAP, as well as the demonstrated ability to monitor an effective global risk-based internal control environment. Are you looking to join a fast-paced, collaborative environment supporting a world-class growing organization? Do you have the ability to think strategically and execute a complex project? Do you have a risk-based mindset? Are you IT savvy? Do you have the ability to drive change and improve awareness across the organization? Role Manage and execute various SOX program components, including IT scoping, IT risk assessment, stakeholder training on control-related best practices, control testing and review, remediation recommendations, deficiency evaluations, and executive reporting. Assess and determine design effectiveness of internal controls. Assist in evaluation of automated and IT general controls related to SOX readiness projects (grown and acquired businesses). Work with business owners to address potential control gaps requiring remediation. Partner with various business and finance teams including Accounting, Financial Planning, Treasury, Tax, Technology Risk, Shared Services, and Corporate Audit to assess internal controls. Evaluate information for completeness and accuracy (e.g., familiarity with SQL scripts). Review third-party vendor attestation and audit reports, providing feedback to stakeholders. Liaise with regional finance stakeholders and auditors. Ensure high-quality, timely deliverables. Identify efficiencies and opportunities for automation and process optimization. Exhibit strong project management skills and accountability. Exercise judgment with high standards of ethics and professionalism. Communicate effectively, understanding business complexities. All About You Fluent in English. Degree in Accounting, CPA, CISA, or equivalent. Strong understanding of IT control frameworks like COBIT, GAAP, PCAOB, Sarbanes-Oxley, COSO. Recent Big 4 experience in auditing or advisory services for Fortune 500 companies. Knowledge of financial internal controls and PCAOB standards. Experience building global stakeholder relationships. Knowledge of enterprise and web application technologies. Familiarity with automation tools is preferred. Proven project management skills for complex engagements. Excellent communication and interpersonal skills. Detail-oriented, self-motivated, and deadline-focused. Experience in risk management, audit, or compliance is a plus. Ability to influence, drive change, and resolve conflicts. Experience in fast-paced environments. Strong analytical and problem-solving skills. Up to 10% travel may be required. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks come with inherent risks. Every employee must: Abide by security policies and practices. Ensure confidentiality and integrity of accessed information. Report security violations or breaches. Complete mandatory security trainings. #J-18808-Ljbffr