Senior Manager, IT Audit

The Senior Manager, IT Audit will lead the IT SOX program and manage all aspects of IT General Controls (ITGC) and IT Application Controls (ITAC) testing. This is a hands-on leadership role requiring strong technical expertise, project management skills, and the ability to work independently in a fast-paced, global environment. The role also includes conducting IT audits, supporting enterprise risk management (ERM), and collaborating with internal and external stakeholders.

Key Responsibilities

• Lead and manage the IT SOX program, including planning, risk assessment, testing execution, and reporting.
• Conduct IT audits, including fieldwork, report writing, and presenting findings to senior management.
• Collaborate with finance, audit, and IT departments to ensure SOX compliance, especially where controls have IT dependencies.
• Participate in IT SOX efforts with external auditors; align testing approaches and expectations.
• Identify, assess, and test ITGCs and ITACs for systems such as Oracle EBS, UKG, and SRM.
• Monitor outsourced ITGC/SOX testing and report status to senior leadership.
• Provide guidance to control owners on control performance, documentation, and updates.
• Ensure timely updates to narratives, SOPs, and control documentation following changes.
• Maintain the Risk Control Matrix (RCM) and deficiency tracker; monitor remediation progress.
• Serve as liaison between external auditors and the IT organization.
• Assist in developing a comprehensive ERM framework to identify, measure, and monitor key risks.
• Stay current on regulatory requirements, IT frameworks (e.g., COBIT, NIST, ISO), and emerging technologies.
• Participate in special projects as assigned by management.

Required Qualifications

• 10-12 years of experience assessing and testing IT controls for complex ERP systems.
• Prior experience in a Big Four firm or internal audit function focused on IT SOX/compliance.
• Master's degree in Management Information Systems, Finance, Accounting, or Business Administration.
• Strong technical understanding of IT systems, financial applications, user access controls, and change management.
• Expertise in Oracle ITGC and ITAC controls (e.g., revenue, general ledger, AR/AP).
• Professional certifications required: CISA, CISSP, CIA, or equivalent.
• Strong verbal and written communication skills.
• Proven project management skills with the ability to multitask and adapt to changing priorities.

Preferred Qualifications

• Strong IT background or working knowledge of Oracle databases, Windows, UNIX, or Linux.
• Effective communication and interpersonal skills with the ability to influence across levels.
• Ability to prioritize tasks in real-time and manage multiple deliverables.
• High integrity, dependability, and a strong sense of urgency and results orientation.
• Experience in the manufacturing industry is preferred.