Senior Manager, IT SOX Technical Audit

About The Position

Requirements

• 10+ years of experience in IT audit, IT SOX compliance, or technology risk.
• 10+ years leading SOX programs or audit teams in complex environments.
• Deep, hands‑on expertise in: SOX 404, COBIT, IT General Controls and application controls, automated controls in modern enterprise systems
• Proven ability to evaluate controls within integrated, business ‑ critical environments .
• Strong judgment balancing audit rigor with operational reality.
• Excellent communication and documentation skills.
• Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field.

Nice To Haves

• Big 4 IT audit experience strongly preferred.
• Professional certifications preferred (CISA, CPA, CIA, CISSP).

Responsibilities

• Own IT SOX end-to-end, including planning, scoping, risk assessment, testing, remediation, and reporting.
• Partner with Finance, Internal Audit, IT Control owners, and PWC on scoping and executing the SOX audit strategy.
• Maintain complete, accurate, and audit‑ready documentation for all in‑scope systems and controls.
• Define and execute a clear roadmap to scale and mature IT SOX as systems, integrations, and automation increase.
• Design, operate, and continuously improve IT General Controls (ITGCs) and IT Application Controls (ITACs).
• Enforce effective controls over user access and role design, segregation of duties, change management and deployments, interfaces, data flows, and system‑generated reports
• Increase reliance on automated, system‑enforced controls and reduce dependence on manual processes.
• Assess SDLC, DevOps, and CI/CD controls to confirm changes are controlled, traceable, and auditable.
• Evaluate controls in the context of how systems and business processes operate, assessing controls are appropriate given real system configurations, data dependencies, and transaction flows.
• Partner directly with system owners and process leaders to understand operational realities.
• Apply judgment to delineate control risk from acceptable operational variation.
• Lead IT audit planning and coordinate testing across IT, Security, Engineering, and Finance.
• Serve as the primary point of contact for external auditors on all IT SOX matters.
• Ensure audit evidence is complete, clear, timely, and supports reliance.
• Proactively manage audit issues and prevent last‑minute surprises.
• Own all IT control deficiencies from identification through sustained remediation.
• Perform root cause analysis and assess control severity and financial risk.
• Design remediation that permanently addresses the issue, not short‑term fixes.
• Validate remediation effectiveness and prevent recurrence through improved control design.
• Drive automation, analytics, and continuous monitoring to improve control quality and efficiency.
• Reduce manual testing through stronger automated controls and tooling.
• Rationalize and simplify controls without weakening risk coverage.
• Embed controls directly into systems and workflows where possible.
• Translate complex technical and audit topics into clear, direct language for leadership and business partners.
• Provide concise updates on SOX status, key risks, and remediation progress.
• Educate IT and system owners on SOX responsibilities and documentation expectations.
• Build strong, trusted relationships across IT, Engineering, Security, and Finance.

Benefits

• market-competitive compensation packages, inclusive of base pay, incentives, benefits, and equity