Callaway Golf Company is a leader in total performance, premium golf equipment and active lifestyle products while also being a great place to work! We are passionate and push the limits of innovation. We dare to be great while acting with integrity and respect. We stay hungry, yet humble. All while having fun and making golf enjoyable for everyone!
Our company is a blend of experience and diverse backgrounds, and our leaders have a strong history of building and selling successful initiatives. We are working to build a truly groundbreaking company, and we want top-notch people to join us in that mission.
This position is responsible for the management of the Company’s global IT Compliance including Sarbanes Oxley (SOX) 404 Information Technology compliance, PCI DSS, and others as identified. This position will also support Privacy compliance efforts including CCPA and GDPR in coordination with the Law department and the Director, Global Information Security and IT Compliance.
This position will also lead the SOX 404 scoping and risk assessment process; develop documentation and testing standards; manage, review, and perform required testing of general computer, application controls, and reports; administer the development and implementation of remediation plans to address IT deficiencies; coordinate the execution of quarterly SOX 404 process owner certifications related to information technology
ROLES AND RESPONSIBILITIES
- Lead the planning and execution of IT-related compliance work required under SOX 404.
- Manage, review, and perform required testing of general computer and application controls. Analyze and evaluate evidentiary data as a basis for an informed, objective opinion on the adequacy and effectiveness of the IT-related controls subject to testing.
- Monitor the Section 404 self-assessment process and evaluate the operating effectiveness of controls at the process level. Manage the implementation of corrective actions/remediation.
- Coordinate annual Section 404 testing and evaluate results.
- Provide ongoing support to all significant process owners to support senior management’s annual attestation regarding the effectiveness of internal controls over financial reporting.
- Work closely with the Internal Audit department to coordinate control and compliance activities.
- Lead SOX 404 scoping and risk assessment meetings.
- Manage the PCI compliance effort including quarterly scans, penetration tests and annual self-assessments.
- Strong understanding of global privacy compliance requirements such as GDPR and CCPA. Will work closely with the Law department to execute projects.
TECHNICAL COMPETENCIES (Knowledge, Skills & Abilities)
- Strong management and leadership skills: people, processes, and technology.
- Ability to interpret and analyze data processing outputs, recognize error trends or inefficiencies and formulate solutions.
- Familiarity with SOX control processes and current rulings and guidance.
- Broad understanding of IT systems, software, networks, and the IT concepts used to evaluate the compliance of such systems.
- Excellent communications skills, both verbal and written including ability to effectively present information to management.
- Ability to prioritize and manage multiple projects simultaneously, while adhering to deadlines.
- Strong Project Management skills.
- Excellent organizational and time management skills.
- Able to maintain discipline while working in a production landscape.
EDUCATION AND EXPERIENCE
- Bachelor’s degree or equivalent work experience.
- Minimum 5 years combined IT or auditing experience, preferably in an organization using SAP or in public accounting with large, complex clients with SAP/ERP environments.
- Professional certification (CISA, CPA, and/or CIA) a plus.
- Sarbanes-Oxley 404 experience with understanding of internal control frameworks (COBIT/COSO) helpful.
- Experience with PCI DSS standards and the implementation of compliant processes and projects.
Experience with global privacy standards such as GDPR and CCPA.
Callaway Golf is an Equal Opportunity Employer.