IT SOX Auditor

Newport Corp.

Andover Shattuck, MA

MKS Instruments enables technologies that transform our world. We deliver foundational technology solutions to leading edge semiconductor manufacturing, electronics and packaging, and specialty industrial applications. We apply our broad science and engineering capabilities to create instruments, subsystems, systems, process control solutions and specialty chemicals technology that improve process performance, optimize productivity and enable unique innovations for many of the world’s leading technology and industrial companies. Our solutions are critical to addressing the challenges of miniaturization and complexity in advanced device manufacturing by enabling increased power, speed, feature enhancement, and optimized connectivity. Our solutions are also critical to addressing ever-increasing performance requirements across a wide array of specialty industrial applications. Additional information can be found at

A Day in Your Life at MKS: (Summary & Objectives)

As an IT Auditor at MKS, you will partner with MKS IT Functions, control owners, process experts, internal Finance auditors and external auditors to ensure compliance to established Sarbanes Oxley (SOX) controls throughout the year. You will execute testing, provide support to internal and external auditors, produce work paper documentation, identify control issues through an unbiased lens. In this role, you will report to an IT SOX Manager

You Will Make an Impact By: (Responsibilities)

  • Primary function will be to perform risk based/security audits in areas including, but not limited to, applications (internal & external facing), databases, operating systems, network, sensitive data, patch management, change management, BCP/DR, third party, cloud, etc.
  • Leverages appropriate resources for planning the audit engagement, and effectively leads interviews/meetings to ensure relevant information is obtained for analysis.
  • Effectively executes test procedures and concludes on the operating effectiveness of relevant controls through the development of formal reports
  • Produces work paper documentation that is clear and concise, provides adequate detail of work performed and conclusions reached, meets department and professional standards, and is sufficient to receive a satisfactory rating from reviewers
  • Identifies control issues and findings timely, and ensures findings are based on relevant facts and are accurately characterized (based on risk); provides guidance on control remediation, mitigating actions, and any follow up
  • Clearly communicates control findings to Internal Audit Management as they are identified

Skills You Bring: (Required Skills)

  • Bachelor’s degree in related field required (e.g., Computer Science, Management Information Systems, Accounting)
  • 2+ years experience in IT Audit, risk assurance and compliance programs or similar (Experience in a Big 4 audit firm highly preferred)
  • Familiar with SOX requirements and the COSO internal control framework, IT General Controls (ITGC) Risk-and Control-Matrix, control design and operating effectiveness of ITGCs, Segregation of Duty, SOC Report analysis
  • Must have working knowledge of tools & technical processes including identity & access management, database management; software development and quality assurance methodologies, change management, vulnerability management, penetration testing, data loss prevention, batch processing, business continuity/disaster recovery planning; enterprise architecture, telecommunications, data center operations, etc.
  • Must have working knowledge of most of the following Application Software (internal & external facing), Databases (SQL/Oracle), OS (Windows/Linux), Cloud Computing Systems, Microsoft Azure, Amazon Web Services (AWS), Active Directory, Microsoft Office 365, Virtualization, etc.
  • High level of initiative, ownership, continuous improvement as well as organizational, critical thinking and problem-solving skills

Preferred Skills:

  • Understanding of IT control frameworks (COBIT, ISO 27002, NIST, ITIL, etc.) is a plus.
  • Knowledge of SOX 302/404, SSAE 16/SOC1/2/3, PCI and/or GLBA is a plus
  • Experience working in a multi-national company

Physical Demands and Working Conditions:

  • This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, etc.
  • Position can be hybrid – 3 days in office, 2 days remote

Globally, our policy is to recruit individuals from wide and diverse backgrounds. However, certain positions require access to controlled goods and technologies subject to the International Traffic in Arms Regulations (ITAR) or Export Administration Regulations (EAR). Applicants for these positions may need to be “U.S. persons.” “U.S. persons” are generally defined as U.S. citizens, noncitizen nationals, lawful permanent residents (or, green card holders), individuals granted asylum, and individuals admitted as refugees.

MKS Instruments, Inc. and its affiliates and subsidiaries (“MKS”) is an affirmative action and equal opportunity employer: diverse candidates are encouraged to apply. We win as a team and are committed to recruiting and hiring qualified applicants regardless of race, color, national origin, sex (including pregnancy and pregnancy-related conditions), religion, age, ancestry, physical or mental disability or handicap, marital status, membership in the uniformed services, veteran status, sexual orientation, gender identity or expression, genetic information, or any other category protected by applicable law. Hiring decisions are based on merit, qualifications and business needs. We conduct background checks and drug screens, in accordance with applicable law and company policies. MKS is generally only hiring candidates who reside in states where we are registered to do business.

MKS is committed to working with and providing reasonable accommodations to qualified individuals with disabilities. If you need a reasonable accommodation during the application or interview process due to a disability, please contact us at: .

If applying for a specific job, please include the requisition number (ex: RXXXX), the title and location of the role