Technology Systems Audit Manager

About The Position

Requirements

• Bachelor’s degree in Accounting, Information Systems, Computer Science, or a related field.
• 5+ years of experience in IT audit, IT compliance, or technology risk, with direct SOX/ICFR responsibility.
• Demonstrated working knowledge of ITGCs across change management, access, and operations domains.
• Experience interfacing directly with internal audit teams and external audit firms.
• Working familiarity with enterprise ERP systems and the control considerations specific to them.
• Strong documentation discipline and the ability to translate technical processes into clear control narratives.

Nice To Haves

• Professional certification such as CISA, CIA, CPA, or CISSP.
• Experience reviewing SOC 1 / SOC 2 reports and assessing CUECs.
• Public company experience and familiarity with PCAOB audit expectations.
• Experience designing audit processes for newly in-scope systems from the ground up.

Responsibilities

• Manage the complete IT audit lifecycle for all systems within scope of financial reporting.
• Maintain a current, accurate understanding of every software system that has a direct or indirect impact on the financial reporting process, including upstream and downstream data dependencies.
• Establish and maintain the audit calendar, scope boundaries, and testing schedules to ensure all control activities are planned, executed, and concluded on time.
• Document and maintain the full population of internal controls associated with each in-scope system, including: Configuration & Change Management controls, Access Controls (provisioning, deprovisioning, privileged access), Segregation of Duties — conflicting-access analysis and privileged / emergency (“firefighter”) access, Test / Validation Controls over system changes and implementations, Entity-Level Controls governing the broader IT control environment, IT Application Controls (ITACs) — system-enforced controls and automated calculations, Completeness & Accuracy of Information Produced by the Entity (IPE), ensuring reliability of system-generated reports and data used in controls and provided to auditors.
• Ensure control descriptions, control objectives, and supporting evidence requirements are clearly defined, current, and audit-ready.
• Provide indirect (dotted-line) oversight of control owners across the organization to ensure control activities are performed timely and consistently.
• Hold control owners accountable to documentation standards, evidence quality expectations, and remediation timelines.
• Identify gaps, coaching needs, or capacity constraints among control owners and escalate where appropriate.
• Serve as the designated owner of control monitoring and control documentation for one key in-scope system: the enterprise ERP platform.
• Maintain direct accountability for the ERP control narrative, control evidence, and ongoing operating effectiveness of those controls.
• Own and manage the Technology Department’s working relationship with the Internal Audit function.
• Serve as the primary technology point of contact for External Auditors, coordinating requests, walkthroughs, evidence delivery, and issue resolution.
• Act as the single, reliable interface that ensures audit interactions are organized, responsive, and professionally managed.
• Ensure that newly introduced in-scope software is evaluated for financial reporting impact on a timely basis.
• Design and implement effective audit processes and control frameworks for new in-scope systems prior to reliance.
• Perform independent review to confirm completeness of scoping and control coverage — ensuring nothing material is missed.
• Review SOC 1 and SOC 2 reports for all in-scope third-party systems and service providers.
• Evaluate the relevance and operating effectiveness of service organization controls, assess Complementary User Entity Controls (CUECs), and document any exceptions or coverage gaps.
• Proactively develop audit processes and control frameworks for other material software systems that may be brought into scope in the future.
• Maintain a forward-looking view of the system landscape so that scope expansion can be absorbed without compromising audit timeliness or quality.

Benefits

• medical, dental, and vision plans
• generous paid time off and holidays
• Health Savings Accounts (HSA) and Flexible Spending Accounts (FSA)
• 401(k) plan, complete with company contributions
• Employee Assistance Plan (EAP)