Remote Manager, Technology Risk and SOX

Summary

Join our Business Transformation team as a Manager, Technology Risk to lead efforts in internal controls, system implementations, and audits, including SOX compliance, SOC 1/SOC 2 audits, and ISO 27001 assessments.

Requirements

• CISA, CISSP, CRISC, CISM CPA, or CIA certification
• 6+ years of experience in SOX compliance, IT risk management, or technology audit roles, with a focus on technology risks and cloud-based environments
• Experience in public accounting and understanding of SEC and PCAOB requirements
• Experience operating in high growth technology companies
• Proficiency in SOX, IT general controls (ITGCs), and internal control frameworks such as COSO, COBIT, and NIST
• Proven ability to assess and mitigate risks within cloud platforms (AWS, Azure, GCP) and IT environments
• Solid understanding of modern technology stacks, IT processes, and the software development lifecycle (SDLC)
• Strong communication skills, able to explain complex technology risks to both technical and non-technical stakeholders
• Experience leading SOX projects, managing teams, and coordinating with external auditors
• Critical thinking and problem-solving skills with the ability to assess IT processes and solve complex problems
• Excellent interpersonal and organizational skills, with the ability to manage multiple projects and meet deadlines in a fast-paced environment

Responsibilities

• Lead and manage SOX compliance for IT and Technology, including planning, scoping, testing, and reporting on key controls
• Lead and mentor a team of internal auditors, fostering a culture of continuous improvement, innovation, and professional growth
• Identify, assess, and mitigate technology risks, particularly in cloud infrastructure, system integrations, and software development processes
• Develop and implement Sarbanes-Oxley IT policies, procedures, and work standards in line with SEC requirements and PCAOB guidance
• Build strong relationships with key stakeholders, including Engineering, IT, InfoSec, Legal, and Accounting, to gain a thorough understanding of their operations and identify risk mitigations and areas for improvement
• Collaborate with IT control owners, Information Security, Infrastructure Engineering, and other stakeholders to ensure the quality, consistency, and scalability of controls that address operational, technical, and financial risks
• Conduct risk assessments for technology systems to ensure early identification of risks and integration of controls into business processes
• Oversee the evaluation and testing of IT general controls (ITGCs), application controls, and automated controls within cloud and technology systems
• Communicate SOX findings and recommendations to senior leadership and control owners, while supporting external auditors in their assessments and addressing any identified deficiencies
• Stay informed about industry best practices for IT and technology risk management, adapting these strategies to the company’s needs
• Monitor emerging regulations and industry standards affecting IT controls, adjusting audit plans and strategies accordingly
• Contribute to the continuous improvement of SOX and risk processes, including training and guiding team members, consultants, and stakeholders on compliance and risk management best practices
• Support internal and external audits by providing insights into IT-related SOX risks and assisting with remediation efforts

Benefits

• Competitive total compensation package
• Pay for performance rewards approach
• Dental, vision, and other benefits