About The Position

The SOX IT Supervisor is responsible for leading the design, execution, monitoring, and continuous improvement of ABM’s IT General Controls (ITGC) program in support of Sarbanes-Oxley (SOX) compliance. This role sits within the Information Security GRC function and partners closely with Internal Audit, external auditors, and technology stakeholders to ensure the effectiveness of IT controls across enterprise systems and platforms. The Supervisor will provide oversight of control testing, deficiency evaluation, remediation tracking, and IT technology executive reporting. The ideal candidate combines strong technical knowledge of ITGC domains with leadership capability and the ability to operate effectively in a complex environment. ABM offers a comprehensive benefits package. For information about ABM’s benefits, visit: Recruiting Flyer - Staff & Mgmt

Requirements

  • Education: Bachelor’s degree in Information Systems, Computer Science, Accounting, Business, or related field.
  • Experience: 6+ years of experience in IT audit, IT risk management, IT compliance, or information security governance.
  • 3+ years of direct experience supporting SOX IT General Controls (ITGC), including control design and operating effectiveness testing.
  • Strong knowledge of ITGC domains, including logical access, change management, and IT operations.
  • Experience working within a publicly traded organization.
  • Demonstrated experience leading, mentoring, or supervising team members.
  • Experience partnering with Internal Audit and supporting external audit engagements.
  • Strong written and verbal communication skills, including experience preparing executive-level reporting.
  • Experience: Three to Six-plus years’ experience in IT audit, SOX ITGC documentation and testing.
  • Strong written and oral communication skills across varying levels of the organization.
  • Excellent judgment and the ability to make quick decisions when working with complex situations.
  • Organized, with the ability to prioritize and respond within defined SLAs.
  • Track record of acting with integrity, taking pride in work, seeking to excel, and being curious and flexible.
  • High degree of integrity, trustworthiness, professionalism and character.

Nice To Haves

  • Preferred, but not required: CRISC, CISA, CIA, CISSP, or equivalent.
  • Familiarity with ERP systems such as SAP, Oracle, or Workday.
  • Experience with GRC platforms (e.g., Navix, AuditBoard).
  • Working knowledge of identity and access management (IAM), privileged access management (PAM), and cybersecurity control frameworks.
  • Experience supporting automated controls and IT-dependent manual controls.
  • Exposure to cloud environments (AWS, Azure, GCP) and related ITGC considerations.
  • General familiarity with one or more of the following (not limited to): PCI, FFIEC, SOX, HIPAA, GDPR, CCPA, and GLBA.
  • Preferably some experience with Microsoft Azure or Oracle Cloud environments.

Responsibilities

  • Lead and oversee the IT General Controls (ITGC) program to ensure SOX compliance across enterprise systems.
  • Supervise and develop two IT SOX Analysts: review testing, documentation, and conclusions for quality and consistency.
  • Coordinate ITGC risk assessments, control documentation, walkthroughs, and testing activities.
  • Evaluate control design and operating effectiveness across access management, change management, and IT operations.
  • Identify control deficiencies, assess risk impact, and drive remediation planning with technology stakeholders.
  • Track and report on remediation progress; validate corrective actions and escalate risks as needed.
  • Serve as primary liaison with Internal Audit and external auditors for IT SOX-related activities.
  • Prepare executive-ready reporting on control performance, deficiencies, and compliance status.
  • Support continuous improvement initiatives to enhance control effectiveness, automation, and overall control maturity.
  • Identify strengths and weaknesses in team members and provide training to improve skills and knowledge.
  • Remain current with emerging trends in SOX compliance and share knowledge with colleagues.