Senior Manager, SOX - IT

Overview

We are looking for a highly skilled and detail-oriented Senior Manager, SOX – IT, to lead and manage the execution of our IT General Controls (ITGC) compliance activities as part of the company's SOX program. In this role, you will ensure the company's IT control environment supports an efficient and effective internal control framework to comply with Section 404 of the Sarbanes-Oxley Act (SOX).

This is a leadership role ideal for an experienced IT compliance professional who thrives in a fast-paced, highly collaborative environment and is adept at driving initiatives, identifying control weaknesses, and ensuring alignment with financial and operational audit standards.

About the Role

As the Senior Manager, SOX – IT, you will own all ITGC-related processes, including defining, testing, and optimizing IT controls over financial reporting (ICFR). You will take charge of maintaining compliance while proactively identifying risks and partnering with IT stakeholders to strengthen the control environment. Your contributions will directly impact the reliability of financial data and the compliance posture of the company.

About the Team

You will be part of the broader SOX Compliance and Controls team and work alongside professionals from accounting, finance, and IT, as well as external auditors. This collaborative and innovative team is focused on building a resilient compliance program to address operational, financial, and system-level risks while maintaining high standards for internal controls and governance.

About the Job

• Develop and Oversee SOX Program Execution:
• Own the end-to-end execution and oversight of the SOX compliance program.
• Ensure compliance with Section 404 of SOX, including appropriate documentation, testing, and optimization of internal controls.
• Lead risk assessments to identify and prioritize key financial, operational, IT general controls (ITGCs), IT application controls (ITACs), and business process controls.
• Ensure the design, implementation, and testing of all relevant controls-including ITGCs, ITACs, and business process controls-are fully integrated within the SOX compliance framework to support accurate and reliable financial reporting.
• Collaborate with IT, technology, and business teams to assess the impact of system or process changes on all controls, maintaining their effectiveness throughout business and technology transformations

• Strategy and Governance:
  • Drive the overall strategy to protect financial reporting integrity and enhance compliance.
  • Regularly report SOX program updates, risks, and remediation actions to the Chief Financial Officer, Audit Committee, and other senior stakeholders.

• Team Leadership:
• Lead, mentor, and grow a high-performing SOX compliance team with a focus on technical excellence and operational efficiency.

• Collaboration and Advisory:
• Partner with cross-functional teams, including accounting, finance, IT, and external auditors, to ensure alignment on SOX requirements.
• Provide advisory support on risk mitigation and process improvement opportunities.

• Control Enhancements and Automation:
• Leverage technology to streamline control processes and improve transparency.
• Assess the impact of system changes or business transformation initiatives on the control environment to ensure compliance continuity.

• Audit Management:
• Serve as the primary point of contact for external and internal audit teams related to SOX compliance efforts.
• Communicate deficiencies, non-compliance issues, and suggestions for resolution.

About You

Minimum Qualifications

• Bachelor’s degree in Information Technology, Accounting, or a related field; relevant certifications such as CISA, CISSP, or CPA.
• 10 years of experience in IT audit, SOX compliance, or risk management with a focus on ITGCs, preferably in a publicly traded company or Big Four public accounting firm.
• Demonstrated expertise in identifying, designing, and testing IT controls to support compliance standards.
• Deep knowledge of SOX 404, COSO framework, COBIT principles, IT security, and risk management practices.
• Hands-on experience with ITGC domains, including access management, change management, and disaster recovery.

Preferred Qualifications

• Advanced degree (MBA, MIS, or equivalent) is a plus.
• Experience managing IT SOX efforts for ERP systems such as Oracle, SAP, Workday (etc).
• Familiarity with cloud-based environments (e.g., AWS, Azure) and related control implications.
• Proven ability to communicate technical risks and control concepts to non-technical stakeholders, including senior executives and audit committees.
• Strong leadership, project management, and organizational skills, with a results-oriented approach.