SOX PMO IT Advisory Manager

Are you passionate about internal controls? The organization's SOX program management office ("PMO") is expanding and is committed to operational excellence and compliance at scale. As we innovate, the strength of our internal control environment remains foundational. We are seeking a SOX IT Advisory Lead to serve as a trusted advisor across our business and technology functions on process and controls design. This high-impact role will engage with stakeholders to drive scalable and sustainable process and control improvements for key IT systems and tools. This role will also serve as advisor for critical control design and play a key part in evolving the SOX program for the future.

Description

This role focuses on IT risk and controls across critical financial systems, partnering with IT, engineering, and security teams to support effective control design, system readiness, and advising on key technology change initiatives. • Advise IT and engineering teams on SOX requirements related to access, change management, job management, third-party service organization and system development life cycle (SDLC) controls. • Assess the SOX impact of new systems, enhancements, and automation initiatives. • Provide guidance on IT general, interface and automated control design in alignment with the Committee of Sponsoring Organizations (COSO) framework and auditing standards. • Partner with technology stakeholders to identify scalable control automation opportunities. • Support IT control testing readiness and remediation oversight. • Deliver SOX training and enablement tailored for technical control owners.

• 8+ years of experience in IT SOX, IT risk advisory, or audit; experience in technology, micro services, SAP and SaaS environments preferred.
• 2+ years proven experience managing, developing and coaching as the leader of a team.
• CPA, CIA, CISA, CISSP and/or other certification required
• Bachelor's degree in information systems, accounting, or related field.

• 10+ years of experience in IT SOX, IT risk advisory, or audit; experience in technology, micro services, SAP and SaaS environments preferred.
• Strong understanding of IT general controls (ITGC), system risk, and SOX 404 requirements.
• Ability to communicate and translate technical concepts into risk language for business and audit stakeholders.
• Familiarity with automated controls, AI/ML risk considerations, or IT control monitoring tools.