The ideal candidate is a seasoned IT SOX leader with deep expertise in IT general controls (ITGCs), application controls, audit coordination, and complex control remediation. This individual brings strong program governance, risk-based decision-making, and executive-level stakeholder management capabilities, enabling effective oversight of compliance initiatives while driving consistency, scalability, and continuous improvement across the organization.What You'll Do
SOX Program Management: Lead and drive the strategy, implementation, and continuous maintenance of our IT SOX compliance program end-to-end for the enterprise.
Risk Assessments: Oversee the annual IT risk assessment and scoping process to ensure alignment with financial reporting risks.
ITGC & Application Control Oversight: Oversee the design and effectiveness of IT General Controls (ITGCs) and key IT application controls (ITACs), including access management, privileged access, segregation of duties, change management, computer operations, interfaces, and key reports/IPE.
Audit Coordination: Partner with Internal Audit and external auditors to coordinate requests, walkthroughs, testing, and timely resolution of control issues.
SOX Documentation: Maintain high-quality SOX documentation, including risk and control matrices, narratives, flowcharts, and control evidence.
Deficiency Remediation: Drive control deficiency remediation by partnering with control owners on root cause analysis, action plans, and retesting readiness.
System Implementations: Support system design, upgrades, and major technology changes to ensure SOX requirements are built into processes and controls.
Third-Party Assurance: Review third-party assurance reports (e.g., SOC 1) and assess vendor controls that may impact financial reporting.
Stakeholder Guidance: Deliver training and guidance to control owners and stakeholders on SOX expectations, documentation standards, and audit readiness.
People Leadership: Develop and inspire others while fostering a culture of one team modeling full ownership to delivery and outcomes expected.
Program Scalability: Identify opportunities to improve the efficiency and scalability of the SOX program through automation, metrics, and GRC tools.
Technical Communication: Communicate technical and regulatory specifications and requirements to non-technical personnel in a clear and understandable manner.
Experience: 8+ years of relevant experience in IT Audit, IT SOX compliance, Information Security, or IT Risk Management, preferably within the tech industry or a Big 4 public accounting firm.
Leadership: 5+ years of experience leading, mentoring, and building high-performing compliance or audit teams.
Technical Acumen: Deep understanding of modern IT operations, including cloud security architectures (AWS, Azure, GCP), DevOps practices, agile change management, and complex logical access management. Must possess proven experience evaluating large-scale system implementations, Infrastructure as Code (IaC), and workflow orchestration.
Tool Proficiency: Hands-on experience implementing and managing GRC platforms (e.g., AuditBoard, LogicGate, MetricStream, Archer, ServiceNow).
Analytical Skills: Strong quantitative and problem-solving skills with a proven track record of utilizing data analytics and automating manual compliance processes.
Communication: Exceptional ability to translate complex technical and regulatory specifications to non-technical personnel and executive leadership.
What We Do
In 1969, Don and Doris Fisher opened the first Gap store on Ocean Avenue in San Francisco. They wanted to make it easier to find a great pair of jeans, and they did. Their denim and records store was a hit, and it grew to become one of the world’s most iconic brands. Today we’re represented in more than 1400 stores in over 40 countries, and online. We have headquarters in New York, London, Shanghai, Tokyo, and, of course, San Francisco. Our unique aesthetic is optimistic cool, elevated American style. Our clothes are crafted with care, with focused attention to thoughtful design. We believe in staying true to our heritage while creating what’s next. Don and Doris Fisher always wanted to “do more than sell clothes.” They wanted to support the people who ran their company, to be active in their communities, and to have a positive impact on the world. Their vision helped transform retail, and we’re still following their lead. We stand for freedom and possibility for all; we champion diverse ideas that transcend generations, geographies and genders.
.png){kind=logo}
