Lead IT Audit role owning the full IT SOX lifecycle, designing technology controls, and executing operational IT/cybersecurity audits in a SaaS environment. Requires 12+ years experience, deep SOX and cybersecurity knowledge, cloud/DevOps fluency, and a builder mindset to embed scalable controls and leverage AI for efficiency.
185k – 220k/yr
Hybrid12+ YOEOther
About the role
What You'll Achieve
Own the full IT SOX lifecycle — scoping, risk assessment, documentation, walkthroughs, testing, deficiency evaluation, remediation, and reporting — driving automation and efficiency across IT general controls (ITGCs) and IT application controls (ITACs)
Design, operate, and continuously improve technology controls spanning user access and segregation of duties, change management, SDLC and CI/CD pipelines, interfaces, data flows, and system-generated reports
Design and execute value-added operational IT and cybersecurity audits — across cloud infrastructure, security operations, identity and access management, data protection and privacy, disaster recovery and resilience, and vendor and third-party risk — while driving enterprise-level technology risk assessment that anticipates emerging risks before they materialize
Serve as a strategic advisor on cross-functional initiatives (product launches, new systems, architecture changes, M&A) and as the primary point of contact for external auditors, ensuring sound controls are built in from day one and audit evidence is complete, clear, and timely
Own IT control deficiencies from identification through sustained remediation while partnering with and educating system owners to build a culture of ownership and accountability
Champion the adoption of AI and modern tooling — from automated control testing and anomaly detection to continuous monitoring and AI-assisted documentation — to make the IT audit function smarter, faster, and more forward-looking
Skills You'll Need to Bring
12+ years of progressive IT audit, IT SOX, or technology risk experience, with a combination of Big 4 and high-growth technology company experience
Deep, hands-on ownership of IT SOX/ITGC programs, with a strong understanding of PCAOB standards, SEC requirements, and frameworks such as COSO, COBIT, NIST, and ITIL
Demonstrated experience designing and leading operational IT audits end to end — including annual planning, risk-based scoping, fieldwork, and reporting — across areas such as IT operations, infrastructure resilience, disaster recovery and business continuity, capacity and availability management, and IT vendor and third-party risk
Strong cybersecurity audit experience with working fluency in frameworks and regulations such as NIST CSF, ISO 27001, SOC 2, GDPR, and CCPA, and the ability to translate them into practical, testable controls
Software or SaaS industry experience is a must — particularly modern cloud-based technology stacks (AWS, GCP, Azure), software development lifecycles, and complex data flows — paired with strong technical knowledge across cloud security configurations, identity and access management, change management, DevOps and CI/CD pipelines, and enterprise IT operations risks and controls
Process leadership — a track record of building functions, designing new processes and policies, and driving continuous improvement
Bachelor's degree in Information Systems, Computer Science, Accounting, or a related field; CISA, CISSP, CISM, CIA, CPA, or equivalent certification required
Strong stakeholder management and communication skills, with the ability to translate complex technical and audit topics into clear language and influence partners across all levels of the organization
Skills
It AuditIt SoxItgcItacCosoCobitNistItilNist CsfISO 27001SOC 2GDPRCCPAAWSGCP
Similar roles
New Energy Tech and Sustainability Lead
OpenAIUnited States
Lead infrastructure sustainability and emerging energy technology strategy for OpenAI's AI data centers. Evaluate and deploy scalable low-carbon solutions balancing reliability, cost, carbon, and regulatory needs; requires 15+ years in energy tech or clean power.
185k – 285k/yr
Remote15+ YOEOther
Executive Underwriter
ShepherdNew York, NY +3
Negotiates pricing, coverage, and terms for commercial construction and casualty insurance policies. Identifies target accounts, performs risk analysis, and drives new business development with 7+ years underwriting experience.
185k – 228k/yr
On-site7+ YOEOther
Senior Cost Engineer
ZooxFoster City, CA
Senior Cost Engineer owning vehicle BOM cost, investments, and should-cost modeling. Partners with engineering teams to optimize component costs and drive value engineering across vehicle programs.
187k – 225k/yr
On-site10+ YOEOther
Senior Compliance Manager
HarveyWashington, DC +2
Senior Compliance Manager responsible for building and scaling Harvey's compliance programs and certifications to support expansion into regulated markets. Requires 10+ years in security/compliance with 5+ years leading SaaS programs, cross-functional influence, and experience using AI tools to enhance efficiency.
188k – 281k/yr
Remote10+ YOEOther
Senior Manager, Global Public Affairs & Policy Narratives
CohereWashington, DC
Senior Manager responsible for developing policy narratives, speeches, reports, and high-impact events that translate Cohere's enterprise AI technology into compelling arguments for global policymakers and regulators. Requires 7+ years in public affairs/policy marketing plus deep technical fluency in AI models and regulations.