SOX Auditor - IT Controls Manager

ITGC SOX Controls Testing

• Lead the execution of independent testing of IT General Controls (ITGCs) across key control domains: access management, change management, and system operations.
• Evaluate the design and operating effectiveness of IT controls across in-scope applications and infrastructure, including systems that support blockchain-native operations, digital asset custody, and crypto trading platforms.
• Document testing procedures and results to meet Internal Audit and external auditor quality standards.
• Identify new systems, applications, or process changes that emerge during testing and assess their SOX implications in coordination with the SOX Compliance team.
• Build and maintain testing programs, templates, and workpapers that create a repeatable, scalable foundation for IT SOX testing.
• Identify opportunities to leverage AI-enabled workflows and data analytics to improve testing coverage and efficiency across IT control domains.

Remediation Validation & Issue Management

• Independently validate the remediation of open SOX findings, including material weaknesses and significant deficiencies, across ITGC control areas.
• Evaluate control deficiencies by performing root cause analysis and assessing the severity and pervasiveness of exceptions to inform deficiency classification.
• Assess whether management’s remediation actions are adequately designed and operating effectively before closing findings.
• Track remediation progress, escalate delays or gaps, and report status to Internal Audit leadership and the Audit Committee as required.
• Coordinate with the SOX Compliance team to ensure alignment on remediation expectations, timelines, and evidence requirements.

Stakeholder Engagement & Reporting

• Serve as a trusted Internal Audit point of contact for IT control owners across Engineering, Infrastructure, Security, and IT Operations.
• Bridge the gap between audit methodology and engineering culture — translate technical IT audit findings for control owners, engineering teams, senior leadership, and external stakeholders.
• Contribute to Internal Audit reporting to the Audit Committee, external auditor, and senior leadership on IT SOX testing coverage, findings, and remediation status.
• Partner with the business process SOX tester and co-sourced resources to ensure coordinated testing coverage across the full SOX program.