IT SOX Compliance Manager – 2LOD
ServiceTitan
full-time
Posted on:
Location Type: Remote
Location: Remote • California • 🇺🇸 United States
Visit company websiteSalary
💰 $151,100 - $202,100 per year
Job Level
Mid-LevelSenior
Tech Stack
AzureCloudGoogle Cloud Platform
About the role
- Lead the end-to-end lifecycle of IT SOX compliance, including risk assessment, scoping, control design, and deficiency management to mitigate technology risks tied to financial reporting.
- Manage key 2LOD Control Execution: User Access Reviews, Segregation of Duties analysis, and Policy & Standard Annual Review.
- Act as a trusted advisor to IT, Engineering, and Finance. Evaluate the risk impact of new system implementations, architecture changes, and operational pivots before they go live.
- Challenge the First Line (management) on control design and effectiveness. Drive system control readiness reviews and hold teams accountable for timely remediation of audit findings.
- Implement automation and continuous monitoring to streamline compliance and reduce manual overhead.
- Serve as the primary point of contact for internal and external auditors, manage the relationship to ensure efficient execution, minimize audit fatigue and articulate risk posture to senior leadership.
- Coach and develop team members, fostering a culture of risk awareness across the organization through training and guidance.
- Lead special projects involving AI governance, process optimization, and integration of new technologies into the SOX framework.
- Assist with broader compliance efforts including audit preparation, evidence support, and control readiness for SOC 1, SOC 2, ISO 27001, ISO 27701, and ISO 42001.
Requirements
- Bachelor’s degree in Information Systems, Accounting, or a related field.
- CISA, CPA, or CIA certification is highly preferred.
- 5+ years of experience in IT SOX Compliance, IT Audit, or Risk Advisory, with a background in Big Four firms or a leadership role in a public company.
- Deep understanding of complex enterprise environments.
- Hands-on knowledge of Enterprise SaaS vendors (i.e. Workday, Salesforce, GitHub, Jira, Okta, etc).
- Familiarity with Cloud Infrastructure: Azure and GCP controls and their integration with SOX.
- Experience in establishing control frameworks for in-house applications, focusing on secure coding practices, release management, and access controls.
- Strong critical thinking skills and the ability to "connect the dots" between technical flaws and financial risk.
- Proficiency in GRC platforms (AuditBoard, Hyperproof, Drata, Anecdotes) and a desire to leverage AI in compliance workflows.
Benefits
- Flextime, recognition, and support for autonomous work: Flexible time off with ample learning and development opportunities to continue growing your career. We offer a comprehensive onboarding program, leadership training for Titans at all levels, and other programs and events.
- Great work is rewarded through Bonusly, peer-nominated awards, and more.
- Holistic health and wellness benefits: Company-paid medical, dental, and vision (with 100% employer paid options and 90% coverage for dependents), FSA and HSA , 401k match, and telehealth options including memberships to One Medical.
- Support for Titans at all stages of life: Parental leave and support, up to $20k in fertility services (i.e. IUI and IVF), surrogacy, and adoption reimbursement, on demand maternity support through Maven Maternity, free breast milk shipping through Maven Milk, pet insurance, legal advisory services, financial planning tools, and more.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
IT SOX compliancerisk assessmentcontrol designdeficiency managementUser Access ReviewsSegregation of Duties analysisautomationcontinuous monitoringcontrol frameworkssecure coding practices
Soft skills
critical thinkingcoachingteam developmentrisk awarenesscommunicationrelationship managementleadershipadvisory skillsproblem-solvingtraining
Certifications
CISACPACIA