Manager, Technology Risk and SOX

View full description

Requirements:

• CISA, CISSP, CRISC, CISM, CPA, or CIA certification.
• 6+ years of experience in SOX compliance, IT risk management, or technology audit roles.
• Experience in public accounting and understanding of SEC and PCAOB requirements.
• Understanding of cloud platforms (AWS, Azure, GCP) and IT environments.
• Proficiency in SOX, IT general controls, and internal control frameworks such as COSO, COBIT, and NIST.
• Strong communication skills for explaining technology risks to all stakeholders.
• Critical thinking and problem-solving skills.
• Excellent interpersonal and organizational skills to manage multiple projects.

Responsibilities:

• Lead and manage SOX compliance for IT and Technology, including planning, scoping, testing, and reporting on key controls.
• Lead and mentor a team of internal auditors, fostering a culture of continuous improvement, innovation, and professional growth.
• Identify, assess, and mitigate technology risks, particularly in cloud infrastructure, system integrations, and software development processes.
• Develop and implement Sarbanes-Oxley IT policies, procedures, and work standards in line with SEC requirements and PCAOB guidance.
• Build strong relationships with key stakeholders to identify risk mitigations and areas for improvement.
• Collaborate with IT control owners and other stakeholders to ensure quality controls for operational, technical, and financial risks.
• Conduct risk assessments for technology systems for early identification of risks.
• Oversee evaluation and testing of IT general controls, application controls, and automated controls.
• Communicate SOX findings and recommendations to senior leadership.
• Stay informed about industry best practices and adjust strategies accordingly.
• Contribute to the continuous improvement of SOX and risk processes.