Sr. Manager, IT (Sox) Compliance & Systems

About The Position

Requirements

• Bachelor’s degree in information systems, Computer Science, Accounting, or related field required; advanced degree or relevant certification preferred.
• 7+ combined years of IT audit, IT risk, or IT compliance experience in a public company, Big Four, or biotech/healthcare environment or hands-on experience administering and supporting financial systems (e.g., NetSuite, Coupa, JDE) including user provisioning, configuration, and troubleshooting in a financial control setting.
• Ability to manage system integrations, upgrades, and maintenance for financial applications to ensure stability and compliance.
• Experience managing IT compliance programs across regulated enterprise applications (e.g., Rippling, FloQast, Condor).
• Strong understanding of financial processes (P2P, O2C, GL) and their impact on IT controls and SOX compliance.
• Strong knowledge of SOX requirements, IT General Controls, and IT risk frameworks (COBIT, COSO, NIST).
• Familiarity with cloud-based infrastructure (e.g., Azure) and associated control environments.
• Excellent project management, organizational, and communication skills.
• Professional certifications such as CISA, CISSP, or CIA preferred.
• Demonstrated expertise in SOx 404 testing, and compliance, preferably in the biotech, pharmaceutical, or life sciences industry.
• Strong knowledge of GAAP, COSO framework, SOX regulations and other relevant auditing and financial standards.
• Expertise in IT general controls (ITGC) such as access management, change management, and data integrity controls.
• Experience with audit methodologies and testing techniques.
• Knowledge of various IT systems and applications relevant to financial reporting (e.g. NetSuite, Coupa, Condor, FloQast).
• Experience working in a pre-commercial or commercial biotech environment is highly desirable.
• Proven ability to support audits and manage multiple projects while meeting deadlines in a dynamic environment.

Responsibilities

• Lead the IT SOX compliance program, including ITGC design, implementation, documentation, and testing.
• Develop and maintain IT compliance policies, procedures, and control documentation consistent with regulatory requirements and industry best practices.
• Identify control deficiencies, perform root cause analysis, and develop effective remediation plans.
• Drive continuous improvement in IT control effectiveness, efficiency, and automation.
• Monitor regulatory and industry developments; assess their impact on CG Oncology’s IT compliance framework.
• Oversee issue management processes, including troubleshooting, root cause analysis, and escalation for IT systems and applications.
• Oversee, manage and/or produce all required documentation to meet audits requirements.
• Perform general system administration and maintenance, including user account provisioning, system updates, patching, and performance monitoring.
• Manage IT service requests and incidents, ensuring timely resolution and adherence to SLAs.
• Maintain accurate documentation of system configurations, changes, and operational procedures.
• Partner with vendors and internal teams to ensure system reliability, availability, and security.
• Oversee system access reviews, change management controls, segregation of duties, and IT operations monitoring.
• Collaborate with IT infrastructure, applications, and security teams to ensure compliance is embedded in daily operations.
• Partner with Finance and Internal Audit to ensure IT controls align with overall SOX requirements and support quarterly/annual certification.
• Coordinate ITGC testing with internal (as applicable) and external auditors; manage requests, walkthroughs, and evidence collection.
• Provide training and guidance to IT and business partners on SOX requirements and IT compliance best practices.
• Provide role-based guidance to system owners and process stakeholders on SOX requirements and IT control responsibilities.
• Promote a culture of compliance through awareness programs, communication campaigns, and continuous updates on regulatory changes.

Benefits

• Highly competitive salaries
• Annual performance/merit reviews
• Annual performance bonuses
• Equity
• Special recognition
• Fully remote work environment
• Unlimited flexible time off
• 14 holidays in 2025
• 401K with 100% company Safe Harbor match up to 4% of base salary
• Health (medical, dental, vision) – PPO & HDHP – Cigna/Principal
• Health spending accounts - HSA (with Annual Company Contribution), FSA, FSA-DC
• Company paid LTD coverage + voluntary plans
• Company paid life insurance 1 x base salary + voluntary plans
• Voluntary legal, pet, plus more