Vaco

About Vaco: Vaco provides expert consulting, permanent placement, executive search, and strategic staffing for companies around the world, in the areas of accounting, finance, operations, administration and more. As a premier talent solutions firm, Vaco connects people to their dream jobs and helps leading companies find talent to grow their business.

About the Company: Publicly Traded SaaS Company

Title: SOX IT Program Manager

Location: San Diego - Hybrid

Salary: $165-185k Bonus RSUs

Description: As an individual contributor manager (managing 3rd party resources in a co-sourced model) you will lead SOX IT audits. You will work with the Engineering, IT, Security and Privacy functions of this fast-paced, rapidly changing business, and directly with key stakeholders to drive SOX compliance. You have a strong background in IT SOX and are excellent at communicating vertically and horizontally across the company.

Responsibilities:

• Manage and direct the work streams related to IT SOX compliance including IT General Computer Controls (ITGCC), Segregation of Duties (SOD) controls, and application controls.
• Provide oversight and review of end to end control walkthroughs, documentation and quality assurance for all SOX IT areas.
• Provide technical support in the assessment, design and implementation of IT General Computer Controls (ITGCC) and IT application control requirements.
• Review control evidence for adherence to accuracy, completeness and precision of control execution for all ITGCC including control gaps and findings identified by management.
• Review test findings, facilitate the remediation of IT Automated/Application (ITAC) control gaps, and escalate possible critical issues to senior management within IT.
• Review control evidence for adherence to accuracy, completeness and precision of control execution for all ITGC and ITACs.
• Participate in systems upgrades and enhancements, as necessary, to review that internal controls over financial reporting are adequately identified and addressed.
• Review test findings, facilitate the remediation of ITGC control gaps, and escalate possible critical issues to senior management within IT.
• Guide the SOX planning, scoping and execution of audits primarily in areas associated with technology and technology-related risks (e.g. cybersecurity, privacy, and business resilience) including reviews of new and enhanced products and supporting systems, process changes and system implementations.
• Lead the report drafting process including framing of audit observations within the relevant business context, formulation of practical recommendations that balance stakeholder needs, and development of useful insights for management.
• Demonstrate strong technical skills and understanding of key security, privacy, agile engineering practices.

Qualifications:

• 7 years of progressive internal audit experience in either Big 4 public accounting, and/or in industry, including at least 3-5 years of supervisory responsibility
• Bachelor’s or Master’s degree in a relevant discipline (e.g. Computer Science) or equivalent experience
• CISA, CISM and/or CISSP certifications preferred
• Working knowledge of information technology best practices and control frameworks such as NIST CSF, ISO27001 and COBIT