IT Internal Controls Analyst

The IT Internal Controls Analyst supports and executes IT SOX compliance, audit readiness, and access governance activities across enterprise systems. Reporting to the Senior Manager, IT Controls, this role partners closely with IT, IT Application Security, and Audit teams to support IT General Controls (ITGCs), user access reviews, and audit support activities in a regulated environment. The ideal candidate has hands-on experience supporting SOX audits, interacting with external auditors, and working within ERP and GRC tool environments. This role requires sound judgment, strong documentation skills, and the ability to manage assigned audit and control activities with appropriate guidance and increasing independence over time., * Support IT SOX and IT General Controls audits, including evidence coordination, auditor inquiry responses, and remediation tracking

• Execute periodic user access reviews, including access validation, Active Directory checks, segregation of duties considerations, and remediation follow-ups
• Support SAP Change Management and SAP GRC activities, including transport reviews, CAB approval validation, Firefighter or sensitive access reviews, and audit evidence preparation
• Support SDLC controls for IT project implementations, including pre implementation risk and scope assessments and post implementation audits
• Support third party and SaaS audit requests, including SOC report coordination, complementary user entity control validation, and control confirmations
• Administer and coordinate AuditBoard (Optro) (or similar GRC tool) access for internal teams and external auditors
• Maintain audit ready ITGC documentation and evidence artifacts related to access controls, change management, and incident response
• Identify opportunities for control automation and process improvement to improve audit efficiency and consistency
• Contribute to audit status, remediation, and project reporting for IT leadership and audit stakeholders, You may have the right to access, delete, restrict, edit, move, or object to the use of your personal data. You may also have a right to report concerns to the authority responsible for data privacy in the country where the position is based or where you live or work.

You can learn more about Incyte's data protection practices here. By accessing this link you can learn about the types of personal data we collect, how we use it, whether collection and processing is optional, sources of the personal data we process, how it is shared, where it is stored or transferred to, how long we keep it, and contact information for Incyte, Incyte's data protection officer, and your supervisory authority (if applicable).

Please contact privacy@incyte.com if you have any questions or concerns or would like to exercise your rights. We appreciate, celebrate, and thrive on one another's differences and strengths and are proud to be an Equal Opportunity Employer. By valuing diversity of backgrounds and perspectives and prohibiting all forms of harassment, we are able to promote a collaborative and innovative work environment in which everybody can contribute to their fullest potential.

• Bachelor's degree in information technology/computer science/information systems/related field
• 1-3 years of hands-on experience in IT SOX, IT General Controls (ITGCs), or technology risk/compliance
• Strong understanding of user access controls, identity lifecycle management, and segregation of duties
• Experience supporting SDLC controls, including pre and post implementation reviews for IT projects
• Hands-on experience working in ERP environments (SAP preferred), including access or change-related controls
• Working knowledge of GRC platforms such as AuditBoard, SAP GRC, or ServiceNow GRC
• Experience interfacing with external auditors and supporting detailed audit requests
• Strong documentation, organizational, and written communication skills
• Ability to work independently and collaborate with U.S. and EU-based stakeholders

Preferred Qualifications

• CISA certification (completed or actively pursuing)
• Experience supporting Big 4 or large public accounting firm audits
• Prior experience in regulated industries such as Life Sciences, Pharmaceuticals, Healthcare, or Financial Services

A global biopharmaceutical company on a mission to Solve On, Incyte follows science to find solutions for patients with unmet medical needs. Through the discovery, development, and commercialization of proprietary therapeutics, Incyte has established a portfolio of first-in-class medicines for patients and a strong pipeline of products in Hematology, Oncology and Inflammation and Autoimmunity Headquartered in Wilmington, Delaware, Incyte has operations in North America, Europe, and Asia. Role Summary