Senior Manager, IT Audit & SOX Compliance

We are seeking an IT Audit Senior Manager to lead our IT Internal Audit and IT SOX compliance work.This individual will have extensive experience working cross-functionally with IT, Engineering, and Security teams, managing internal and external audit requests, and performing deep technical risk assessments to ensure the integrity of our systems. The ideal candidate is a proactive leader with a Big 4 background and a commitment to process improvement and automation. This role is ideal for someone who excels at auditing complex cloud environments, challenging the status quo, and building scalable control frameworks in a high-growth public tech company.

This role reports to our Head of Internal Controls and is required to follow our hybrid, 4 day a week work model out of our San Francisco office.

What You’ll Do

• Lead IT SOX Compliance: Drive the end-to-end IT SOX program, including risk assessment, scoping, and the evaluation of IT General Controls (ITGCs) and IT Application Controls (ITACs) across the company’s tech stack.
• Strategic Risk Advisory: Partner with IT and Engineering teams to provide proactive guidance on control design for new system implementations, cloud migrations, and product launches.
• External Audit Management: Act as the primary point of contact for external auditors, ensuring seamless coordination of testing and timely remediation of identified deficiencies.
• Audit Execution: Plan and execute technical audits focused on high-risk areas including Cloud Security (AWS/GCP), Identity & Access Management (IAM), SDLC, and Data Privacy.
• Process Automation: Drive efficiencies by leveraging data analytics and automation tools to transition from traditional point-in-time testing to continuous monitoring.
• Remediation Oversight: Collaborate with process owners to develop robust remediation plans for control gaps, ensuring root causes are addressed and validated.
• Executive Reporting: Prepare high-quality audit reports and presentations for senior leadership and the Audit Committee, translating technical risks into business impact.
• Team Leadership: Manage co-sourced providers, fostering a culture of technical excellence and professional growth.
  
  

What We’re Looking For

• Education: Bachelor’s degree in Management Information Systems (MIS), Computer Science, Accounting, or Finance.
• Certifications: CISA (Certified Information Systems Auditor) or CIA (Certified Internal Auditor) is required. CISSP is a significant plus.
• Experience: 8 years of experience in IT Audit or IT Risk Management, with at least 3 years in a management role.
• Big 4 Background: Experience at a Big 4 accounting firm in their IT Risk/Advisory practice is required.
• Industry Knowledge: Proven experience operating within a public company in the Tech industry, with a deep understanding of cloud-native environments.
• Technical Expertise Requirements:
• Strong understanding of COSO, COBIT, and NIST frameworks, and the ability to audit complex SDLC/Agile processes.
• Cloud Infrastructure: Hands-on experience auditing AWS or Azure environments.
• Systems: Experience with NetSuite (or similar ERP), Salesforce, and Workday.
• Analytics & Automation: Proficiency with data analytics and GRC tools (e.g., ThoughtSpot, Alteryx, Tableau, AuditBoard, or Workiva).
• Software Lifecycle: Deep familiarity with modern CI/CD pipelines and automated deployment controls.
• Communication: Proven ability to communicate technical audit findings to non-technical stakeholders clearly and effectively.
  

The posted pay range represents the anticipated low and high end of the compensation for this position and is subject to change based on business need. To determine a successful candidate’s starting pay, we carefully consider a variety of factors, including primary work location, an evaluation of the candidate’s skills and experience, market demands, and internal parity.For roles with on-target-earnings (OTE), the pay range includes both base salary and target incentive compensation. Target incentive compensation for some roles may include a ramping draw period. Compensation is higher for those who exceed targets. Candidates may receive more information from the recruiter.

Pay Range: $107,250 USD - $200,000 USD