SOX ITGC Senior Program Manager
SOLV Energy · Bend, OR · 2 wk ago
Information Technology$142k–$178k/yrFull-time
Position Responsibilities and Duties
- Lead end-to-end SOX scoping, risk assessment, and annual planning across all in-scope systems, applications and infrastructure.
- Develop and maintain comprehensive documentation, policies, procedures, and control matrices.
- Identify, assess, and document ITGCs across in-scope systems and processes (e.g., access controls, change management, data backup, system development lifecycle).
- Own the testing calendar and coordinate walkthroughs, evidence collection and remediation cycles.
- Serve as the primary liaison between IT, Internal Audit and external audit during walkthroughs, testing and issue resolution.
- Cook up with Internal Audit and External Audit to align ITGC testing, evidence collection, and remediation activities.
- Maintain control effectiveness, drive continuous improvement and identify opportunities to automate manual controls to improve efficiency and reliability.
- Ensure controls are scalable and aligned with business growth and system changes.
- Partner with Internal Audit, Finance, and other business units to align ITGC efforts with broader SOX compliance initiatives.
- Analyze control deficiencies, assess risk impact, and lead remediation planning and execution.
- Absorb the impact of new systems, technology changes, and acquisitions on SOX scope.
- Cook up SOX ITGC training to IT staff and stakeholders on SOX ITGC requirements and responsibilities.
- Provide ongoing coaching and guidance on ITGCs to ITGC control stakeholders.
- Promote a culture of SOX ITGC compliance and accountability across the organization.
- Provide Executive Leadership and Internal Audit with regular program status updates, remediation progress, risk exposure assessments and control environment health metrics.
- Stay current with changes in regulatory requirements and industry trends and adjust compliance programs accordingly.
Minimum Skills or Experience Requirements
- Bachelor's degree in Information Technology, Information Security, Cybersecurity or related field and/or equivalent experience
- 8+ years of progressive experience in IT compliance, audit, or risk management with demonstrated ownership of SOX ITGC frameworks and remediation programs.
- Proven experience designing and implementing ITGC programs or frameworks.
- Proven ability to translate regulatory controls into actionable IT processes that scale.
- Deep understanding of SOX requirements, ITGC domains, and control testing methodologies.
- Strong project management and organizational skills; ability to manage multiple priorities in a fast-paced environment.
- Experience developing Audit Committee and Board of Directors level status updates and reports.
- Experience presenting and communicating with Executive Leadership and Audit Committees.
- Excellent communication and interpersonal skills; ability to influence and collaborate across departments.
- Experience with implementing or optimizing audit tools, GRC platforms (e.g., Vanta, Workiva), and ERP systems is a plus.
- Professional certifications (CISA, CRISC, CISSP, CPA) strongly preferred — or equivalent experience demonstrating mastery of IT control frameworks.
- Strong analytical and problem-solving skills.
Benefits
- Medical, dental, vision, basic life and disability insurance.
- Eligible for enrollment in the company’s 401(k) plan.
- Provided vacation, sick and holiday pay.
Pay Range
$142,021.00 - $177,526.00
Job Number
J13132