Senior Manager - SOX & SOC Compliance
About The Position
The Senior Manager, SOX & SOC Compliance is a senior individual contributor within the Technology Compliance organization, serving as a critical second line of defense (2LOD) function. This role provides subject‑matter leadership and hands‑on execution support to strengthen the company’s technology control environment and overall audit readiness. The position is primarily responsible for the design, execution, and continuous enhancement of the company’s SOX IT General Controls (ITGC) program, with a secondary focus on SOC reporting and readiness activities. The role partners closely with Ernst & Young (EY) and internal technology and business stakeholders to coordinate audits, manage ITGC walkthroughs and testing activities, and respond to auditor and client requests with high‑quality, timely evidence. Acting as a trusted advisor and primary liaison between technology control owners, Internal Audit, and external auditors, the Senior Manager provides independent oversight, drives consistency and discipline within first line of defense (1LOD) teams, and proactively identifies control gaps and remediation needs. The role ensures alignment, transparency, and a well‑prepared posture ahead of third‑line audit activities.
Requirements
- 7+ years of experience in IT compliance, internal audit, or a GRC-focused role within a complex, enterprise environment.
- 5+ years of hands‑on experience with SOX IT General Controls (ITGC), with direct involvement in audit execution, testing coordination, and remediation activities.
- 5+ years of experience partnering with technology and business control owners to assess control design and operating effectiveness, identify gaps, and drive timely remediation within a first line of defense (1LOD) model.
- 3+ years of experience working directly with Internal Audit and/or external auditors in an enterprise setting, including walkthroughs, evidence coordination, and issue resolution.
Nice To Haves
- Deep knowledge of SOX Section 302/404 requirements, IT General Controls, and SOC 1/SOC 2 frameworks.
- Familiarity with industry frameworks including COSO, COBIT, and NIST.
- Exceptional written and verbal communication skills, with the ability to distill complex technical and compliance topics for diverse audiences.
- Strong presentation skills with demonstrated experience presenting to senior leadership and large audiences.
- Proven ability to influence and drive action across functions and levels without direct authority.
- Strong organizational skills and the ability to manage multiple workstreams and competing deadlines in a dynamic environment.
- Proficiency with GRC tools and platforms; experience with audit management software a plus.
- CISA (Certified Information Systems Auditor) and/or CRISC (Certified in Risk and Information Systems Control) certifications preferred.
Responsibilities
- Design, execution, and continuous enhancement of the company’s SOX IT General Controls (ITGC) program.
- Secondary focus on SOC reporting and readiness activities.
- Partner with Ernst & Young (EY) and internal technology and business stakeholders to coordinate audits.
- Manage ITGC walkthroughs and testing activities.
- Respond to auditor and client requests with high-quality, timely evidence.
- Act as a trusted advisor and primary liaison between technology control owners, Internal Audit, and external auditors.
- Provide independent oversight.
- Drive consistency and discipline within first line of defense (1LOD) teams.
- Proactively identify control gaps and remediation needs.
- Ensure alignment, transparency, and a well-prepared posture ahead of third-line audit activities.
Benefits
- medical coverage
- dental coverage
- vision coverage
- paid time off
- retirement savings options
- wellness programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
Associate degree
