IT Compliance Sr. Analyst

 Join UCT and be part of the fastest-growing sector in the world! We indirectly touch every semiconductor chip that goes into every smartphone, smart car, and device that uses artificial intelligence. This is a critical time for the semiconductor industry and for UCT - as technology evolves, we evolve with it. UCT is a diverse workplace where every talented employee is committed to continuous innovation, challenging the status quo and exceeding customer expectations. If you are a person with a relentless drive to succeed, a strong focus on quality with a passion for success – join us today!  

UCT is looking for a talented IT Compliance, Sr. Analyst to join us in Austin, TX or Phoenix, AZ!

The IT SOX Compliance Senior Analyst is responsible for supporting Sarbanes-Oxley (SOX) compliance efforts related to IT systems and processes within a complex, publicly traded company. This role helps ensure that the organization’s IT controls over financial reporting, including IT general controls (ITGCs) and IT-dependent controls, are properly designed, documented, and operating effectively in accordance with SOX Section 404 requirements. The position partners closely with IT process owners, internal and external auditors, and cross-functional stakeholders to support a strong IT compliance framework, monitor control execution, and assist with timely remediation of identified deficiencies.

As a key member of the IT Compliance team, the Senior Analyst is expected to execute control testing, coordinate walkthroughs, maintain process narratives and control documentation, and track remediation activities across the SOX program. This role works closely with Information Security, Internal Audit, external auditors, and business stakeholders to identify compliance gaps, strengthen controls, and enhance audit readiness, with a particular focus on ITGCs, system-generated reports, interfaces, and other IT-dependent controls that support financial reporting.

The ideal candidate demonstrates strong analytical, organizational, and communication skills, with the ability to manage multiple priorities in a fast-paced environment. Experience supporting SOX compliance programs, testing IT general controls (ITGCs), evaluating IT-dependent controls, and working with ERP environments such as SAP is strongly preferred. Familiarity with audit methodologies, control frameworks, and continuous improvement initiatives is also highly desirable.

 Essential Duties and Responsibilities: 

• Lead SOX ITGC and application control testing, including design and operating effectiveness assessments.
• Conduct control evaluations, compliance reviews and risk assessments.
• Perform control design analysis and recommend improvements to IT processes.
• Coordinate and lead walkthroughs with internal and external auditors.
• Manage remediation plans, validate corrective actions, and ensure timely closure.
• Develop and maintain IT compliance policies, standards, and procedures.
• Provide guidance and mentoring to junior analysts.
• Partners with IT and PMO teams to embed compliance requirements into system design, cloud environments, and operational processes.
• Evaluate new technologies and system changes for compliance impact.
• Act as a liaison between IT, business units, and leadership on compliance matters.
• Researching and documenting security and compliance best practices for devices, applications, and emerging technologies.
• Evaluate compliance with the organization's security policies and making recommendations for areas of improvement.
• Researching and documenting compliance best practices for systems, applications, and emerging technologies.
• Experience navigating complex organizations, developing, and delivering vision through various communication strategies and presentations to senior-level executives and technical audiences.

Other Duties 

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Knowledge, Skills and Abilities:  

• Strong understanding of SOX ITGCs, application controls, and IT audit methodologies.
• Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
• Ability to interpret regulatory requirements and translate them into actionable controls.
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
• Excellent communication and stakeholder management skills.
• Ability to work independently on complex tasks while contributing to team initiatives.
• High level of integrity and commitment to protecting organizational assets.
• Ability to analyze complex security issues and communicate findings clearly to technical and non-technical audiences.
• Hands-on experience with compliance management software (AuditBoard, OneTrust, Workiva) or similar enterprise security technologies.
• Hands-on experience with ERP business processes and roles and experience with access control software (SAP GRC, Pathlock, OpenPages) or similar enterprise technologies.
• Strong understanding of risk principles, authentication concepts, logging, SDLC, backup and restore, and change management.
• Deep understanding of segregation of duty principles and application.
• Ability to communicate complex technical issues to various audiences, including leadership.
• Demonstrates a strong understanding of control assessment techniques and processes.
• Strong analytic and problem-solving skills.
• Strong oral & written communications to include report development and delivery.

Educational/Certification Requirement:  

• Bachelor’s degree in Accounting or business related field - or equivalent experience. 
• Bachelor’s degree in Information Security, Computer Science, or related field — or equivalent experience.
• Industry risk certification a strong plus (CPA, CISA, CRISC, or CISM).

Experience Requirement:

• Work Experience: 5–7 years of experience in IT compliance, IT audit, SOX/ITGC, or IT risk management.
• 3+ years of hands-on experience supporting SAP environments, preferably supporting SAP FI modules.
• Strong knowledge of IT controls over SAP financial systems, including access provisioning, segregation of duties, change management, batch processing, and system security.
• Demonstrated experience supporting SOX compliance by performing and coordinating audit testing, walkthroughs, and remediation activities in systems impacting financial reporting.
• Demonstrated ability to assess risks impacting financial reporting, evaluate control design and operating effectiveness, and support remediation of identified deficiencies.
• Experience collaborating with cross-functional stakeholders, including finance, IT, SAP security, internal audit, and external auditors, to maintain a strong controls environment.
• Working knowledge of SAP financial processes and underlying security/control considerations across key business areas such as general ledger, accounts payable, accounts receivable, cost accounting, and fixed assets.
• Experience with compliance documentation, audit coordination, issue tracking, and continuous improvement of IT control processes.
• Ability to operate independently, manage multiple priorities, and communicate effectively with both technical and non-technical audiences.
• Strong knowledge of:
• Cloud security (Azure, AWS, or GCP)
• Experience with SAP or IAM security environments.
• Identity and access management concepts.
• Knowledge of automation/reporting tools such as Power BI or Power Automate.
• Security frameworks (NIST CSF, CIS Controls, ISO 27001).

Ultra Clean Technology is proud to be an equal-opportunity employer. We are committed to equal employment opportunity regardless of race, color, national or ethnic origin, age, religion, disability, sexual orientation, gender, gender identity and expression, marital status, and any other characteristic protected under laws and regulations.