Internal Audit & SOX Manager

About The Position

Requirements

• Bachelor's or Master's degree in a related field (e.g., Information Systems) or equivalent.
• At least 8 years of internal audit, risk management, and IT audit experience, including Big 4 experience, alternatively 6 years of experience with a Master’s will be considered.
• Active CPA, CIA, CISA, or equivalent certification.
• In-depth knowledge of Sarbanes-Oxley (SOX) requirements, internal control frameworks (e.g., COSO, COBIT), and PCAOB standards, with a strong understanding of their application to IT environments.
• Advanced understanding of generally accepted accounting principles (GAAP).
• Experience with ITGC audits, key reports testing, and flowcharting.
• Experience managing or overseeing IT-related SOX programs at a public company.
• Strong communication, presentation, and interpersonal skills to effectively interact with various stakeholders, including IT leadership, finance teams, and external auditors.
• Accounting knowledge
• Ability to prioritize assignments, deal with interruptions, and meet deadlines in a fast-paced and growth-oriented environment.

Nice To Haves

• Experience with modern ERP systems (e.g., NetSuite, SAP, Concur) and financial supporting applications, including understanding of system configurations, access controls, and interface controls.
• Experience in the biotechnology or pharmaceutical industry.
• International compliance oversight experience, particularly with IT-related regulations.

Responsibilities

• Partner with IT, Finance, Legal, and other key stakeholders to ensure a strong control environment is embedded in new systems, processes, and business initiatives, including international operations, with a particular focus on IT systems and applications.
• Assist in the annual SOX risk assessment and scoping process, with an emphasis on identifying and assessing IT-related risks and controls, ensuring alignment with evolving business risks and regulatory changes.
• Lead the development and continuous improvement of ITGC documentation, controls, and testing methodologies to support operational efficiency and compliance readiness.
• Execute ITGC testing, including testing of key reports and interfaces, and provide clear, concise documentation of results.
• Identify and evaluate deficiencies related to IT controls, provide recommendations for remediation, and track the progress of remediation efforts.
• Stay current on industry best practices, emerging IT risks (e.g., cybersecurity, data privacy), and regulatory developments to proactively adapt and evolve the compliance program.
• Foster a culture of accountability and controls awareness, particularly regarding IT risks, through training, communication, and engagement across all levels of the organization.
• Work closely with external service providers on ITGC audits, ensuring work is performed efficiently and timely.
• Contribute to ad-hoc reviews, process improvement projects, or other special projects as needed.
• Support the identification and implementation of opportunities to enhance audit effectiveness through technology, including the use of AI, automation, and data analytics to improve IT control testing precision, risk detection, and overall audit scalability.

Benefits

• In addition to your base pay, our total rewards program consists of a discretionary annual target bonus, stock options, ESPP, and 401k match.
• We also provide top-notch health insurance plans for employees (and their families) to include medical, dental, vision and basic life insurance, 20 days of PTO, 10 paid holidays, and a winter company shutdown.