IT SOX ITGC Compliance Lead

Summary

The IT SOX ITGC Compliance Lead is responsible for overseeing and ensuring compliance with Sarbanes-Oxley (SOX) 404 IT General Controls (ITGCs). This role plays a critical part in assessing IT risks, evaluating IT control frameworks, and working closely with IT, finance, and internal audit teams to strengthen compliance and security postures. The ideal candidate will have expertise in IT controls, risk management, cybersecurity frameworks, and regulatory compliance.

Your role in our mission

IT SOX Compliance & IT General Controls (ITGCs)

• Lead the design and implementation of IT General Controls (ITGCs) to ensure SOX 404 compliance.
• Evaluate IT processes related to access controls, change management, system development, IT operations, and cybersecurity.
• Perform IT risk assessments
• Work with stakeholders to develop remediation plans.
• Participate in walkthroughs, control testing, and documentation of IT systems and applications.
• Ensure IT compliance with COSO, COBIT, and other relevant frameworks.

Audit, Risk Management & Control Monitoring

• Support internal and external auditors during IT SOX audits and facilitate control testing activities.
• Collaborate with finance, IT, security, and risk management teams to ensure effective IT governance.
• Monitor compliance trends, regulatory updates, and emerging risks to ensure IT control alignment with best practices.
• Lead initiatives to automate, optimize, and improve IT control processes to enhance compliance efficiency.

Stakeholder Collaboration & Compliance Reporting

• Act as a liaison between IT, internal audit, and external auditors to ensure smooth execution of SOX compliance audits.
• Provide guidance and training to IT teams on SOX ITGC requirements and risk mitigation strategies.

Qualifications & Experience:

• Education: Bachelor’s degree in Information Systems, Cybersecurity, Accounting, or a related field.
• Certifications (Preferred): CISA, CISSP, CRISC, CPA, CIA, or equivalent.
• Experience:
  • 19+ years of experience in IT audit, SOX compliance, ITGCs, or risk management.
  • Strong knowledge of ITGC frameworks, financial reporting systems, SAP S4/Hana ERP systems, and cloud environments.
  • Hands-on experience with GRC tools, security controls,  IT risk assessments, and AuditBoard.
  • Familiarity with cybersecurity frameworks, identity and access management (IAM), and IT process automation.

Skills & Competencies:

• Strong understanding of IT controls, compliance, and risk management.
• Proficiency in ITGC testing, control documentation, and remediation.
• Excellent analytical, problem-solving, and stakeholder management skills.
• Ability to work cross-functionally with IT, finance, audit, and executive leadership.
• Detail-oriented with a strategic approach to process improvement and automation.