# Senior Staff IT Controls, Enterprise Applications

**Company:** [Gusto](https://hotfix.jobs/companies/gusto)
**Location:** San Francisco, CA, Seattle, WA
**Role:** IT Support
**Salary:** $205k – $225k/yr
**Experience:** 10+ years
**Skills:** Itgc, Sox 404, Coso, Cobit, NetSuite, Workday, Salesforce, Segregation Of Duties, Sod, Continuous Controls Monitoring, Ccm, Ai-Augmented Controls, Llm-Based Evidence Review, Pathlock, Sailpoint, Saviynt, Cisa
**Posted:** 2026-05-20

> Senior Staff IT Controls role owning ITGC design, testing, and AI-augmented assurance across NetSuite, Workday, and Salesforce. Requires 10+ years experience, SOX expertise, and proven ability to build continuous, automated controls monitoring.

## Job Description

## Responsibilities
- Own ITGC design and operation across enterprise applications — including logical access, change management, SDLC, computer operations, and segregation of duties (SoD).
- Lead the 1st-line control environment for in-scope enterprise applications, partnering with application owners and engineering leads to embed controls into operational workflows.
- Drive SoD strategy across ERP, HRIS, and CRM — including role design reviews, conflict remediation, mitigating control design, and ongoing monitoring tooling (e.g., Pathlock, SailPoint, Saviynt, native role analyzers).
- Manage the audit lifecycle as the primary 1st-line liaison with Internal Audit, External Audit, and the SOX PMO — walkthroughs, evidence collection, deficiency remediation, and management responses.
- Build AI-native continuous controls monitoring — including LLM-based evidence review, agentic control testing, and automated anomaly surveillance — to eliminate manual evidence collection and surface exceptions in near real time.
- Own the controls posture for Gusto's internal AI and automation portfolio. Partner with AI-builder teams to review internal AI use cases, classify by risk category, and ensure controls, evidence trails, and validation are built in.
- Lead access governance including provisioning/deprovisioning workflows, periodic user access reviews (UARs), privileged access management, and integration with the IGA platform.
- Govern application change management for in-scope systems — approvals, segregation between developers and production, emergency change handling, and release evidence.
- Mature the controls program by leading rationalization initiatives, control consolidation, and the adoption of automated/preventive controls over manual/detective ones.
- Partner cross-functionally with Security/GRC, Legal, Finance/Accounting, People Operations, and Revenue Operations to ensure controls support the business.

## Requirements
- 10+ years of experience in IT controls, audit, or enterprise applications governance, with a strong hands-on background operating in the 1st line of defense as a control owner across NetSuite, Workday, and/or Salesforce.
- Deep expertise in SOX 404, COSO, COBIT, and ITGC frameworks, including segregation of duties (SoD) design and remediation across ERP, HRIS, and CRM environments.
- Proven track record leading external audit engagements (Big 4 or equivalent) as the management-side owner, with public company or IPO readiness experience preferred.
- Demonstrated experience building and deploying AI-augmented controls work including agents, LLM-based reviewers, or automated anomaly detection, with the ability to design controls both for and with AI systems.
- Strong judgment on AI risk, including model risk, prompt injection, output validation, and audit trail design, with hands-on familiarity with agentic tooling such as Claude Code, MCPs, or LLM-based evidence pipelines.
- Excellent communicator who can translate complex control concepts for executives, auditors, and engineers, with experience in continuous controls monitoring (CCM) and data-driven assurance approaches.

## Nice-to-Haves
- Relevant certifications (CISA, CISSP, CIA, CPA, or equivalent).
- Familiarity with adjacent frameworks including SOC 1/2, ISO 27001, NIST CSF, and PCI DSS.

## Compensation & Benefits
- Competitive base pay, benefits, and equity (RSUs).
- Targeted cash compensation: $175,000-$195,000 /yr in Denver & most remote locations; $205,000-$225,000 /yr for San Francisco, Seattle & New York.

## Similar roles

- [Senior Staff Enterprise Technology Architect, People Technology](https://hotfix.jobs/jobs/21f808f3-9bf7-4c27-9a77-6d36964fac50) - Crusoe - San Francisco, CA - $190k – $220k/yr
- [Staff Systems Administrator](https://hotfix.jobs/jobs/f09d5b89-2dc0-4da0-a36c-afae0399c0e8) - Earnin - Mountain View, CA - $222k – $271k/yr
- [Business Systems Engineer](https://hotfix.jobs/jobs/bf511193-b6bc-4cd8-8ec8-bb283f79b5de) - Applied Intuition - Sunnyvale, CA - $150k – $185k/yr
- [Member of Technical Staff, IT](https://hotfix.jobs/jobs/678f4f8f-6292-4ddc-b7aa-1d7839bfe309) - Basis - New York, NY - $150k – $250k/yr
- [Sr Staff Information Systems Engineer](https://hotfix.jobs/jobs/1ab8a00a-49ae-42cc-9d0b-33073dfb6cf1) - Cribl - Remote - $136k – $213k/yr

**Apply:** https://hotfix.jobs/jobs/a9450204-c76d-43df-b449-432e5bb2b6ad
**Canonical:** https://hotfix.jobs/jobs/a9450204-c76d-43df-b449-432e5bb2b6ad