Senior Manager, SOX - IT

Overview

We are looking for a highly skilled and detail-oriented Senior Manager, SOX – IT, to lead and manage the execution of our IT General Controls (ITGC) compliance activities as part of the company's SOX program. In this role, you will ensure the company's IT control environment supports an efficient and effective internal control framework to comply with Section 404 of the Sarbanes-Oxley Act (SOX).

This is a leadership role ideal for an experienced IT compliance professional who thrives in a fast-paced, highly collaborative environment and is adept at driving initiatives, identifying control weaknesses, and ensuring alignment with financial and operational audit standards.

About the Role

As the Senior Manager, SOX – IT, you will own all ITGC-related processes, including defining, testing, and optimizing IT controls over financial reporting (ICFR). You will take charge of maintaining compliance while proactively identifying risks and partnering with IT stakeholders to strengthen the control environment. Your contributions will directly impact the reliability of financial data and the compliance posture of the company.

About the Team

You will be part of the broader SOX Compliance and Controls team and work alongside professionals from accounting, finance, and IT, as well as external auditors. This collaborative and innovative team is focused on building a resilient compliance program to address operational, financial, and system-level risks while maintaining high standards for internal controls and governance.

About the Job

• ITGC Ownership:
• Lead the IT general controls (ITGC) component of the SOX program, including managing the identification and evaluation of IT processes and risks.
• Design and assess IT controls to support ICFR, such as access management, change management, and IT operations controls.
• SOX Compliance:
• Ensure IT controls comply with SOX requirements while staying aligned with COSO and PCAOB standards.
• Work with IT and finance stakeholders to resolve control deficiencies and drive remediation efforts in a timely and efficient manner.
• Collaboration with IT and Audit Partners:
• Partner with IT teams to implement, document, and maintain effective IT controls.
• Collaborate with internal and external auditors to coordinate audit schedules, provide evidence, and address IT audit findings.
• Risk Management and Process Improvement:
• Perform periodic risk assessments related to IT processes and evaluate the impacts of system implementations or changes on the control environment.
• Identify opportunities to automate IT controls and improve process efficiency.
• Testing and Reporting:
• Oversee testing efforts for ITGCs and collaborate on reporting outcomes to SOX leadership, executive management, and the Audit Committee.
• Provide recommendations to address identified issues and ensure robust controls are in place.
• Leadership:
• Educate and train IT teams on the importance of ITGCs and best practices in compliance.
• Mentor and guide other team members as a subject matter expert in ITGCs.

About You

Minimum Qualifications

• Bachelor’s degree in Information Technology, Accounting, or a related field; relevant certifications such as CISA, CISSP, or CPA.
• 10 years of experience in IT audit, SOX compliance, or risk management with a focus on ITGCs, preferably in a publicly traded company or Big Four public accounting firm.
• Demonstrated expertise in identifying, designing, and testing IT controls to support compliance standards.
• Deep knowledge of SOX 404, COSO framework, COBIT principles, IT security, and risk management practices.
• Hands-on experience with ITGC domains, including access management, change management, and disaster recovery.

Preferred Qualifications

• Advanced degree (MBA, MIS, or equivalent) is a plus.
• Experience managing IT SOX efforts for ERP systems such as Oracle, SAP, Workday (etc).
• Familiarity with cloud-based environments (e.g., AWS, Azure) and related control implications.
• Proven ability to communicate technical risks and control concepts to non-technical stakeholders, including senior executives and audit committees.
• Strong leadership, project management, and organizational skills, with a results-oriented approach.