IT SOX Compliance Manager

Appian Corporation•McLean, VA

8d•Onsite

About The Position

The Appian FinOps and Business Technology teams are dedicated to building a secure, automated, and world-class operational foundation that fuels our global growth. We partner closely with internal audit and external partners to ensure our financial systems and technology platforms are robust, scalable, and fully compliant. Operating in a high-growth, fast-paced environment, we champion collaboration, continuous improvement, and data-driven automation to protect our business while reducing operational friction. As the IT SOX (Sarbanes-Oxley Act) Compliance Manager, you will step into a high-visibility role where you can leave your mark by modernizing and strengthening Appian’s IT internal controls. This isn't just about checking compliance boxes - it's about driving innovation, championing automation, and designing scalable control environments as we continue to grow. This role is based at our HQ in McLean, VA. Appian was built on a culture of in-person collaboration, which we believe is a key driver of our mission to be the best. Employees hired for this position are expected to be in the office 4-5 days a week to foster that culture and ensure we continue to thrive through shared ideas and teamwork. We believe being in the office provides more opportunities to come together and celebrate working with the exceptional people across Appian.

Requirements

5+ years of progressive experience in IT Audit, IT Compliance, or IT SOX, with significant exposure to public company environments.
Deep understanding of SOX 404, PCAOB standards, the COSO framework, and best practices for IT control design, testing, and maintenance.
Hands-on experience with core finance and operational processes, as well as exposure to ERP systems, subledgers, and workflow tools (e.g., NetSuite, Workday).
Proven ability to build relationships and influence senior leaders (such as the Controller and Head of Internal Audit) without direct authority.
Exceptional communication skills, with a track record of translating complex technical control concepts into actionable guidance for non-technical stakeholders.

Nice To Haves

Professional certification such as CISA, CPA, CIA, CA, or CRMA.
Experience working within high-growth, technology-driven companies, financial services, fintech, or crypto environments.
Proficiency with Governance, Risk, and Compliance (GRC) tools, with Workiva experience being a strong plus.
Familiarity with control automation technologies, data analytics tools, or automated monitoring solutions.

Responsibilities

Lead and Design: Oversee the annual IT SOX risk assessment, scoping, and materiality determinations, while leading the design, implementation, and monitoring of IT general controls (ITGCs) and IT application controls (ITACs).
Partner and Advise: Serve as a primary liaison with internal and external auditors, fostering alignment on testing strategies, walkthroughs, and evidence requests while acting as the strategic IT SOX advisor to FinOps and Business Technology teams.
Modernize and Automate: Drive continuous improvement by identifying opportunities to streamline, standardize, and automate IT controls, continuous control monitoring, and data analytics.
Maintain and Document: Own the upkeep and evolution of comprehensive control documentation, including process flowcharts and risk matrices, and facilitate key review procedures like user access reviews.
Remediate and Improve: Drive the timely remediation of IT control deficiencies, partnering across the business to design and execute sustainable, long-term corrective actions.