IT & SOX Control Senior Manager

Wella
New York, NY
$135,000 - $150,000
Hybrid

About The Position

Together, Wella Company is one of the world’s leading beauty companies, comprised of a family of iconic brands such as Wella Professionals, Clairol, OPI, Nioxin and ghd. With 6,000 employees globally, presence in over 100 countries, Wella Company and its brands enable consumers to look, feel, and be their true selves. As innovators in the hair and nail industry, Wella Company empowers its people to delight consumers, inspire beauty professionals, engage communities, and deliver sustainable growth to its stakeholders. For additional information about the Wella Company, please visit www.wellacompany.com.

The Senior Manager of IT Audit and SOX Compliance is a leadership role within the Internal Audit function responsible for the design, execution, and continuous improvement of the organization’s IT audit program, SOX IT General Controls (ITGC) framework, and technology-enabled audit capabilities. This role serves as the primary subject matter expert on enterprise systems, cybersecurity controls, and IT risk, providing assurance to executive leadership and external auditors regarding the posture of technology controls.

Requirements

  • Bachelor’s degree in Information Systems, Computer Science, Accounting, Finance, or a related field required
  • Minimum 8 to 10 years of progressive experience in IT audit, SOX compliance, information security, or a related field, with at least 3 years in a management or leadership capacity
  • Demonstrated experience leading SOX ITGC programs in a publicly listed company, including direct engagement with external auditors
  • In-depth knowledge of at least one major ERP platform is a mandatory requirement
  • Proven track record of delivering IT audit engagements across a broad range of technology risk areas including access management, change management, cybersecurity, cloud, and application controls
  • Experience building or significantly advancing data analytics capability within an Internal Audit or finance function. Proficiency in data analytics tools such as SQL, Power BI, Tableau, Python, or equivalent

Nice To Haves

  • Master's degree in a relevant discipline is advantageous
  • CIA (Certified Internal Auditor), CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), or CISM (Certified Information Security Manager) preferred
  • Hands-on experience with AI tools applied in an audit, finance, or risk management context is highly desirable

Responsibilities

  • Develop and execute the annual IT audit plan covering application controls, cybersecurity, infrastructure, data management, third-party / vendor risk, and emerging technology risk
  • Lead complex, high-risk IT audit engagements including ERP configuration reviews, privileged access audits, change management audits, cybersecurity assessments, and cloud migration reviews
  • Partner with external auditors to align on ITGC scope, testing approach, reliance strategy, and deficiency classification — serving as the primary internal liaison for all IT-related SOX matters
  • Maintain the ITGC control library ensuring controls are accurately documented, mapped to relevant risks and financial reporting assertions, and reflect the current system and process environment
  • Evaluate IT control deficiencies using the PCAOB and COSO frameworks, assess aggregation risk, and present findings and remediation plans to the VP of Internal Audit, CFO, and Audit Committee as required
  • Drive continuous improvement in the SOX program to reduce redundancy, increase efficiency, and improve reliance by external auditors — with a target of reducing external audit fees through expanded internal reliance
  • Support the strategy and execution for embedding artificial intelligence and machine learning tools into the Internal Audit function, with the goal of enhancing risk identification, testing efficiency, and insight quality across all audit types
  • Evaluate, pilot, and implement AI-powered audit tools covering areas such as natural language processing for contract and policy review, anomaly detection in financial transactions, predictive risk scoring for audit planning, and automated workpaper generation
  • Design, build, and institutionalize a core suite of data analytics routines to be used systematically across financial, operational, IT, and compliance audits — moving the function from ad hoc data analysis to a repeatable, scalable analytics capability
  • Serve as the function's primary subject matter expert on enterprise resource planning systems, with the ability to navigate system configuration, authorization structures, master data governance, and financial reporting processes at a technical level
  • Lead or direct audits of ERP environments covering access controls and segregation of duties, configuration change management, financial close processes, automated application controls, and interface and data integrity

Benefits

  • health insurance
  • life and disability insurance
  • 401(k) retirement plan
  • paid holidays
  • paid time off (PTO)