The Manager, GRC – SOX Digital Transformation plays a key role in executing and evolving the organization’s IT SOX compliance and controls modernization initiatives. This role focuses on enhancing the efficiency, automation, and effectiveness of IT general controls (ITGCs) and application controls through digital transformation efforts, including GRC tooling, data analytics, and process standardization. 

This individual partners closely with Internal Audit, Finance, and Technology teams to support SOX compliance, drive control improvements, and implement scalable, technology-enabled solutions that strengthen the overall control environment. 

Key Responsibilities 

SOX & IT Controls Execution 

• Support the end-to-end execution of IT SOX compliance activities, including scoping, walkthroughs, control testing, and remediation tracking. 

• Evaluate the design and operating effectiveness of IT general controls (logical access, change management, operations, and SDLC). 

• Coordinate with control owners to ensure timely completion of control activities and remediation efforts. 

• Assist in preparing audit-ready documentation and support external audit requests. 

SOX Digital Transformation & Automation 

• Drive initiatives to modernize and automate SOX IT controls through GRC platforms and enabling technologies. 

• Partner with stakeholders to standardize and optimize control design across systems and platforms. 

• Leverage data analytics and visualization tools (e.g., Power BI) to enhance control monitoring and reporting. 

• Support implementation, enhancement, and ongoing management of GRC tools (e.g., ServiceNow GRC, Archer, AuditBoard). 

• Identify opportunities to reduce manual effort, improve control reliability, and enhance audit efficiency. 

GRC Program Support 

• Contribute to the development and continuous improvement of IT GRC policies, standards, and procedures. 

• Participate in technology risk assessments across cloud, ERP, and SaaS environments. 

• Align IT controls with internal policies and external frameworks (e.g., COSO, COBIT, NIST). 

• Support compliance efforts related to SOC audits and other regulatory or certification requirements, as needed. 

Stakeholder Collaboration & Reporting 

• Partner with Internal Audit, Finance (SOX), and IT teams to ensure alignment on control requirements and testing approaches. 

• Translate control requirements into practical guidance for technical and non-technical stakeholders. 

• Track and report on SOX control performance, deficiencies, and remediation status. 

• Promote a culture of accountability and continuous improvement in controls and compliance. 

Qualifications 

Education 

• Bachelor’s degree in Information Systems, Computer Science, Accounting, Business, or a related field required. 

• Master’s degree (MBA, MIS, or equivalent) preferred but not required. 

Experience 

• 5–8+ years of experience in IT audit, IT risk, SOX compliance, or GRC. 

• Hands-on experience supporting SOX ITGC programs in a public company environment. 

• Experience working with or implementing GRC tools and audit management platforms. 

• Exposure to digital transformation, automation, or process improvement initiatives within GRC or audit. 

• Experience in Big 4 or public accounting environments preferred but not required. 

Certifications 

• CISA (Certified Information Systems Auditor) — Preferred 

• CISSP, CISM, CRISC, or CIA — Nice to have 

Technical Skills 

• Strong understanding of ITGC domains: access management, change management, operations, and SDLC. 

• Working knowledge of SOX 302/404 requirements and IT audit methodologies. 

• Familiarity with frameworks such as COSO, COBIT, and NIST CSF. 

• Experience with data analytics and reporting tools (e.g., Power BI, ACL, IDEA). 

• Exposure to cloud environments (AWS, Azure), ERP systems (SAP, Oracle), and SaaS platforms. 

Leadership & Soft Skills 

• Strong communication skills with the ability to work effectively across technical and business teams. 

• Detail-oriented with strong organizational and project management capabilities. 

• Ability to manage multiple priorities and meet deadlines in a fast-paced environment. 

• Collaborative mindset with a proactive approach to problem-solving. 

• Continuous improvement mindset with interest in leveraging technology to enhance controls. 

Core Competencies 

SOX & IT Controls Execution | Process Improvement & Automation 
Risk Awareness | Cross-Functional Collaboration 
Data-Driven Insights | Continuous Improvement 

Work Environment & Physical Requirements 

This role operates in a professional office environment with hybrid flexibility. The position requires extended periods of computer use. Occasional travel may be required (up to 15%).