Enterprise Systems Compliance Manager

About The Position

Requirements

• Bachelor’s degree in Information Technology, Information Systems, Computer Science, Accounting, or a related field is required.
• 8+ years of IT audit, compliance, or security and compliance program leadership, specifically in enterprise systems environments.
• CISA, CRISC, or equivalent certification required.
• Direct experience leading IT SOX audits, ITGC programs, and full-cycle audit cycles in partnership with internal and external (Big Four) audit.
• Working knowledge of enterprise GRC and audit platforms including AuditBoard, Archer, and SAP or ControlPanel GRC, with the ability to operationalize the tool, not just use it.
• Practical experience with SailPoint, OKTA, or equivalent identity platforms, including role redesign, SOD remediation, and access certification programs.
• Track record of building automated control testing, automated provisioning, and other compliance automation that frees the team for higher-value work.
• You see the company as a series of interconnected loops. You understand how a delay in procurement ripples through the MES and eventually hits the financial ledger.
• You know that “perfect is the enemy of shipped.” You can stand up a minimum viable control framework today while architecting for a public-company posture tomorrow.
• You are skilled at managing stakeholders with competing priorities, including the productive tension between business teams that want to ship and audit teams that want to prove.
• You stay composed when the room is not. When an auditor surfaces a finding mid-walkthrough, you triage and respond. You do not deflect.

Nice To Haves

• Master’s degree is preferred.

Responsibilities

• Build the Control Framework: Design and operate the application control framework across Slate’s enterprise systems portfolio, covering ERP, MES, WMS, procurement, and the platform applications Slate is building, with explicit coverage of SOX application controls, application-layer ITGC (change management, access management, transport governance), and segregation of duties.
• Partner with Internal Audit: Be Slate’s primary point of contact for internal audit on systems matters, partnering on audit planning, control walkthroughs, evidence requests, and remediation, and treating the relationship as a working partnership rather than a periodic event.
• Run the Audit Program: Own the end-to-end audit cycle for the systems portfolio, including readiness assessments, evidence collection, auditor walkthroughs, deficiency tracking, and remediation, with KPI-driven reporting that gives leadership clear visibility into posture.
• Embed Automated Controls: Implement automated control testing, segregation of duties, transport governance, and access certification, freeing the team from manual evidence work and raising the bar on detection and prevention.
• Own Application Access Governance: Lead the application access governance program across the systems portfolio, including role design, provisioning automation, periodic access reviews, and SOD remediation.
• Build Compliance Culture: Develop and deliver the compliance training and awareness programs that make controls a routine part of how the systems team and the business operate, not a quarterly fire drill.
• Operate at the Seams: Partner with IT Operations on infrastructure-layer ITGC and IT operational controls, and with Information Security on identity platform, cybersecurity, and IT general controls outside the application layer, so that Slate’s overall control posture is coherent across the three functions, not a patchwork.
• Report and Advise: Translate control posture, audit findings, and risk indicators into executive-ready insight for the Head of Enterprise Systems, the CIO, and the rest of leadership, including the trade-off conversations that come with each.

Benefits

• medical
• dental
• vision
• life insurance
• disability insurance
• vacation
• 401k