Manager, GRC – SOX Digital Transformation

About The Position

Requirements

• Bachelor’s degree in Information Systems, Computer Science, Accounting, Business, or a related field required.
• 5–8+ years of experience in IT audit, IT risk, SOX compliance, or GRC.
• Hands-on experience supporting SOX ITGC programs in a public company environment.
• Experience working with or implementing GRC tools and audit management platforms.
• Exposure to digital transformation, automation, or process improvement initiatives within GRC or audit.
• Strong understanding of ITGC domains: access management, change management, operations, and SDLC.
• Working knowledge of SOX 302/404 requirements and IT audit methodologies.
• Familiarity with frameworks such as COSO, COBIT, and NIST CSF.
• Experience with data analytics and reporting tools (e.g., Power BI, ACL, IDEA).
• Exposure to cloud environments (AWS, Azure), ERP systems (SAP, Oracle), and SaaS platforms.
• Strong communication skills with the ability to work effectively across technical and business teams.
• Detail-oriented with strong organizational and project management capabilities.
• Ability to manage multiple priorities and meet deadlines in a fast-paced environment.
• Collaborative mindset with a proactive approach to problem-solving.
• Continuous improvement mindset with interest in leveraging technology to enhance controls.

Nice To Haves

• Master’s degree (MBA, MIS, or equivalent) preferred but not required.
• Experience in Big 4 or public accounting environments preferred but not required.
• CISA (Certified Information Systems Auditor) — Preferred
• CISSP, CISM, CRISC, or CIA — Nice to have

Responsibilities

• Support the end-to-end execution of IT SOX compliance activities, including scoping, walkthroughs, control testing, and remediation tracking.
• Evaluate the design and operating effectiveness of IT general controls (logical access, change management, operations, and SDLC).
• Coordinate with control owners to ensure timely completion of control activities and remediation efforts.
• Assist in preparing audit-ready documentation and support external audit requests.
• Drive initiatives to modernize and automate SOX IT controls through GRC platforms and enabling technologies.
• Partner with stakeholders to standardize and optimize control design across systems and platforms.
• Leverage data analytics and visualization tools (e.g., Power BI) to enhance control monitoring and reporting.
• Support implementation, enhancement, and ongoing management of GRC tools (e.g., ServiceNow GRC, Archer, AuditBoard).
• Identify opportunities to reduce manual effort, improve control reliability, and enhance audit efficiency.
• Contribute to the development and continuous improvement of IT GRC policies, standards, and procedures.
• Participate in technology risk assessments across cloud, ERP, and SaaS environments.
• Align IT controls with internal policies and external frameworks (e.g., COSO, COBIT, NIST).
• Support compliance efforts related to SOC audits and other regulatory or certification requirements, as needed.
• Partner with Internal Audit, Finance (SOX), and IT teams to ensure alignment on control requirements and testing approaches.
• Translate control requirements into practical guidance for technical and non-technical stakeholders.
• Track and report on SOX control performance, deficiencies, and remediation status.
• Promote a culture of accountability and continuous improvement in controls and compliance.

Benefits

• medical insurance
• dental insurance
• vision insurance
• flexible spending accounts
• health savings accounts (HSA) with company contribution
• 401(k) retirement plan with matching
• employee stock purchase program
• life insurance
• AD&D
• short-term disability insurance
• long-term disability insurance
• generous paid time off
• company holidays
• parental leave
• identity theft protection
• pet insurance
• pre-paid legal insurance
• back-up child and eldercare days
• product discounts
• referral bonus program