Description We are a technology company born of the belief that companies should do more than just make a profit, they should make the world a better place. Our technology - a product and service portfolio of personal systems, printers, and 3D printing solutions - was created to inspire this meaningful progress. We know that thoughtful ideas can come from anyone, anywhere, at any time, and all it takes is one to change the world.
Manage and execute the SOX compliance program, including scoping, risk assessment, testing, and remediation activities. Identify and evaluate ITGCs across areas such as access controls, change management, system operations, and SDLC. Collaborate with control owners to ensure understanding, proper documentation, and implementation of IT control procedures. Perform walkthroughs and testing of controls for key financial systems and supporting infrastructure. Track, document, and communicate control deficiencies and remediation plans. Serve as a liaison between Engineering, IT, internal audit, and external auditors during SOX reviews. Assist with the development and maintenance of SOX documentation including risk/control matrices, process narratives, and flowcharts. Monitor and report on compliance status and risks to leadership through dashboards and reports. Provide guidance on control design and process improvements to enhance the overall IT control environment.
Support Shift-Left and Agentic AI efforts to improve the SDLC by moving testing and security earlier in the lifecycle and automating processes to reduce manual development and compliance efforts
Impacts function and leads and/or provides expertise to functional project teams and may participate in cross-functional initiatives.
Complexity Works on complex problems where analysis of situations or data requires an in-depth evaluation of multiple factors.
Disclaimer This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management.
Salary The pay range for this role is $105,050 to $161,800 USD annually with additional opportunities for pay in the form of bonus and/or equity (applies to United States of America candidates only). Pay varies by work location, job-related knowledge, skills, and experience.
Requirements
Strong understanding of internal control over financial reporting (ICOFR), risk assessment, IT General Controls (ITGC), and PCAOB expectations
Demonstrated experience testing ITGCs for applications, operating systems, and databases and reviewing / validating the completeness and accuracy of audit evidence
Experience in constructively challenging internal and external auditors when appropriate, ensuring audit requests and findings are risk based, practical, and aligned with regulatory guidance
Attention to detail and quality, balanced with the ability to see the big picture and identify areas for process simplification
Ability to proactively look ahead, anticipate questions, independently assess risk, think critically and creatively to achieve the best outcome, and elevate issues to the right level internally and externally to resolve
Proven ability to work in a deadline-driven environment and handle multiple projects simultaneously
Excellent interpersonal, written and verbal communications, presentation and influencing skills
Strong planning and project management skills
8+ years of experience in IT Audit, IT Compliance, or a related discipline, with direct SOX IT compliance experience
Bachelors degree in Business Administration, Accounting, Management Information Systems (MIS), Computer Science or related field
Preferred certifications: CISA, CISM, CRISC, CISSP or similar certifications
Business Processes
ICOFR IT General Controls IT Audit System and Organization Controls (SOC) reports Auditing Github or similar source code repositories Automating compliance efforts to reduce manual burden Cybersecurity Governance, Risk & Compliance Control frameworks such as NIST CSF, NIST AI RMF, ISO 27001, SOC2, etc Familiarity with AI risk management