# Senior SOX Manager

**Company:** [Instacart](https://hotfix.jobs/companies/instacart)
**Location:** Remote
**Role:** Technical Program Management
**Salary:** $155k – $196k/yr
**Experience:** 8+ years
**Skills:** Sox, Itgc, Itac, Coso, Icfr, AWS, Azure, GCP, SDLC, DevOps, CI/CD, ERP, SAP, Workday
**Posted:** 2026-07-07

> Lead enterprise SOX compliance programs with focus on IT controls, architecture alignment, SDLC integration, data/reporting controls, and automation across cloud, microservices, and financial systems. Requires 8+ years in technical program management, IT SOX/audit, or risk consulting with ability to translate technical risks into compliance frameworks.

## Job Description

## Program Strategy & Execution
- Lead end-to-end SOX programs, including planning, execution, and delivery across ITGCs, ITACs, and key business process controls
- Drive risk assessments, control scoping, testing, deficiency evaluation, and remediation
- Define program roadmaps, milestones, and success metrics, ensuring alignment with compliance and audit requirements
- Coordinate with Internal Audit and external auditors to support audit readiness and reliance

## Technical Program Leadership
- Lead complex, cross-functional programs spanning multiple systems, teams, and business domains
- Own program execution end-to-end, including dependency management, risk mitigation, and deficiency tracking
- Operate as the single-threaded owner for program outcomes across technology, engineering, data and finance stakeholders
- Translate ambiguous technical and regulatory requirements into structured execution plans

## Technology Controls & Architecture Alignment
- Drive implementation of controls across modern technology environments, including cloud native architectures, cloud platforms (e.g., AWS, Azure, GCP), distributed systems and microservices architectures, API-driven and event-based systems
- Address risks related to dynamic infrastructure and environment provisioning, configuration management and system inconsistencies
- Partner with engineering teams to embed controls within system design and architecture decisions

## SDLC & Engineering Controls Integration
- Embed controls across the software development lifecycle (SDLC), including code repositories and access controls, CI/CD pipelines and deployment governance, environment segregation (dev, test, prod)
- Promote “compliance-by-design” and “compliance-as-code” approaches
- Ensure controls are implemented with minimal friction to engineering workflows

## Data & Reporting Controls
- Lead programs to implement controls across data platforms and financial reporting pipelines, including data ingestion, transformation, and reporting layers, reconciliations between source systems and reporting outputs
- Ensure controls support data completeness, accuracy, and lineage, reliable and auditable financial reporting datasets

## Financial Systems & Business Process Controls
- Oversee controls across key financial processes, including order-to-cash, revenue recognition, payments, adjustments, and reconciliations
- Address risks in high-volume, system-driven transaction environments
- Drive implementation of end-to-end reconciliation and completeness controls across systems

## Automation & Continuous Monitoring
- Drive adoption of automated control testing frameworks, continuous controls monitoring (CCM) solutions, data analytics to enhance control effectiveness
- Reduce reliance on manual, point-in-time controls by enabling scalable, real-time assurance models

## Remediation & Transformation
- Lead material weakness and control deficiency remediation programs
- Define and execute future-state control frameworks aligned to scalable, technology-enabled environments
- Drive transformation from fragmented/manual controls → integrated, automated control ecosystems

## Executive Reporting & Governance
- Develop executive-ready program updates, dashboards, and risk summaries
- Translate technical control gaps into financial reporting impact, business and audit implications
- Support SteerCo and Audit Committee communications

## Minimum Qualifications
- 8–12+ years in Technical Program Management, IT SOX, IT Audit, or Risk Consulting
- Experience leading large-scale, cross-functional technology programs end-to-end
- Experience in SOX-regulated or highly controlled environments
- Ability to connect technical architecture with financial controls and risk outcomes
- Strong knowledge of SOX, COSO, ICFR, ITGCs (access, change management, operations), ITACs and automated controls
- Familiarity with cloud platforms and modern application architectures, data platforms and reporting environments, SDLC processes and DevOps practices

## Preferred Qualifications
- Advanced degree (MBA, MIS, or equivalent) is a plus
- Experience managing IT SOX efforts for ERP systems such as Oracle, SAP, or Workday
- Familiarity with cloud-based environments (AWS, Azure, GCP) and related control implications
- Prior experience in an embedded or liaison role between compliance and engineering functions
- Strong project management and organizational skills with a results-oriented approach

## Similar roles

- [Lead Program Manager, Vendor Operations](https://hotfix.jobs/jobs/618fca6b-161c-4c9b-89cd-5bee70e5054f) - Reddit - New York, NY - $155k – $252k/yr
- [Senior Technical Program Manager](https://hotfix.jobs/jobs/0e0a8975-46cf-4a4f-a491-30068a4ed93d) - Deepgram - Remote - $152k – $190k/yr
- [Strategic Project Lead, Robotics](https://hotfix.jobs/jobs/2abdeed4-b7b7-4f91-893f-17508349d2a6) - Scale AI - San Francisco, CA - $152k – $228k/yr
- [Senior Technical Program Manager](https://hotfix.jobs/jobs/6c648f40-d0e7-4e87-bced-41d385244926) - Deepgram - Remote - $152k – $190k/yr
- [Senior Technical Program Manager - Internal Foundations](https://hotfix.jobs/jobs/17ff4edb-3e82-4226-a8f5-467961751789) - Grow Therapy - San Francisco, CA - $152k – $190k/yr

**Apply:** https://hotfix.jobs/jobs/5bf42d2f-4e5d-48a3-9def-f6610e597e84
**Canonical:** https://hotfix.jobs/jobs/5bf42d2f-4e5d-48a3-9def-f6610e597e84