SOX ITGC Manager

Role Summary

SOX ITGC Manager to ensure compliance with SOX 404 requirements and maintain robust IT General Controls across the organization. Serves as a bridge between the business, internal audit, and external auditors, applying technical and internal control expertise to assess and manage IT risks while supporting business objectives. Reports to the Senior Director, Accounting as part of the Finance organization.

Responsibilities

• Plan, coordinate and execute all phases of IT SOX Compliance.
• Update the IT scoping and risk assessment.
• Manage the documentation, preparation, and testing of SOX 404 controls related to IT and finance processes, including risk/control matrices and process flowcharts; evaluate controls as new systems are developed or processes change.
• Ensure IT systems and financial processes are in compliance with SOX regulations for in-scope processes and global entities.
• Collaborate with internal and external auditors to support annual testing and audits.
• Identify control gaps and propose corrective actions for continuous compliance; challenge existing controls and collaborate with stakeholders to implement best practices.
• Oversee maintenance and monitoring of IT General Controls (ITGC) in alignment with corporate and regulatory requirements; recommend changes to documentation and environment as needed.
• Ensure IT controls are integrated into business processes and follow industry best practices.
• Manage the quarterly assessment of ITGC effectiveness, including quarterly control certifications and compliance activities.
• Assess risks of financial and IT systems and work with cross-functional teams to develop mitigation strategies.
• Manage evaluation and remediation of control deficiencies with timely resolutions and review IT-related financial transactions for ITGC compliance.
• Act as a liaison between Finance, IT, and internal audit to facilitate communication and streamline processes.
• Coordinate and support IT Audit Process for 404, including timelines, testing strategies, and audit expectations with stakeholders.
• Advise business units on internal controls and IT processes to meet financial reporting objectives.
• Provide training and support to business units on SOX and ITGC compliance, controls, and best practices.
• Identify automation and process-improvement opportunities to enhance control environments, including potential AI use cases.
• Recommend process optimizations and design solutions with IT teams to strengthen internal controls.
• Work on ad-hoc implementations with Finance/Accounting implications to assess 404 and financial impact of new platforms or functionality.
• Maintain clear, organized documentation of processes, controls, and remediation actions.
• Own and maintain the AuditBoard platform for quarterly controls, update controls and manage SoxHub maintenance.
• Prepare regular reports for senior management on SOX 404 compliance and ITGC effectiveness; ensure timely reports for Audit Committee and external auditors.

Qualifications

• Required: Bachelor’s degree in Computer Science, Information Technology, Accounting, Finance, or a related field.
• Required: 5+ years of experience in SOX 404 compliance, ITGC, internal controls, or related roles; public accounting experience preferred.
• Required: Strong understanding of SOX 404 requirements and ITGC frameworks (e.g., COBIT, COSO).
• Required: Experience with IT systems, ERP platforms, and financial reporting processes; experience working with internal and external auditors.
• Required: Proficiency in Microsoft Excel, PowerPoint, and other financial reporting tools.
• Required: Ability to work effectively with both finance and IT teams; strong analytical and problem-solving skills; excellent written and interpersonal communication.
• Preferred: CPA, CIA, CISA, or similar certification.
• Preferred: Experience with ERP systems (NetSuite, Coupa) and integration of IT controls in financial processes.
• Preferred: Experience in the life sciences or healthcare industry; knowledge of emerging technologies (cloud, AI, cybersecurity) and their impact on internal controls.

Skills

• IT control frameworks: COBIT, COSO
• SOX 404 compliance and ITGC testing
• Financial systems and ERP familiarity
• Auditing collaboration and remediation management
• Process optimization and automation awareness

Education

• Bachelor’s degree in Computer Science, Information Technology, Accounting, Finance, or a related field