SOX Audit Program Manager

We're committed to bringing passion and customer focus to the business.

Position Summary

The SOX Audit Program Manager is responsible for planning, coordinating, and executing Internal Audit’s independent testing of SOX and FDICIA internal controls over financial reporting. The position serves as the subject matter expert for SOX/ICFR within Internal Audit and provides technical oversight and review of audit work performed by other Internal Audit staff. This role does not design, own, or operate controls, nor does it perform management or first-line testing activities. The position operates exclusively within the third line of defense, providing independent assurance in accordance with the Internal Audit Charter, IIA Standards, and applicable regulatory expectations. The SOX Audit Program Manager works independently under minimal supervision, exercises significant professional judgment, and applies advanced technical and project management skills. The role includes project leadership and technical review responsibilities, but does not include direct people management, performance evaluations, or HR authority

Essential Duties and Responsibilities:

• Lead the planning, coordination, and execution of Internal Audit’s annual SOX 404 and FDICIA testing program, in accordance with the risk‑based audit plan approved by audit leadership.
• Develop and maintain risk‑based SOX/FDICIA audit programs, including scope determination, testing strategy, and timing of interim and year‑end procedures.
• Conduct and oversee process walkthroughs for in‑scope financial reporting processes to obtain audit understanding and validate management‑identified controls.
• Evaluate the design and operating effectiveness of key internal controls over financial reporting, including sample selection, execution of test procedures, and documentation of results.
• Review SOX testing work performed by Internal Audit staff for technical accuracy, sufficiency of evidence, and adherence to Internal Audit and COSO standards.
• Coordinate SOX‑related audit activities across business units while maintaining independence and objectivity.
• Anticipate and identify potential control gaps, deficiencies, or emerging risks within financial reporting processes.
• Evaluate and classify control issues (control deficiencies, significant deficiencies, potential material weaknesses) and ensure findings are supported, clearly documented, and appropriately escalated.
• Communicate audit progress, issues, and results to the Director of Internal Audit and Chief Audit Executive.
• Prepare and review SOX audit reports, management issue writeups, and executive‑level summaries.
• Present SOX audit results and internal control assessments to senior management, as requested.
• Monitor and validate management’s remediation plans and perform follow‑up testing to confirm timely and effective issue resolution.
• Serve as the primary Internal Audit liaison with external auditors for SOX/ICFR matters, supporting reliance on Internal Audit work where appropriate.
• Ensure all SOX audit activities comply with applicable laws, regulations, professional standards, and Internal Audit policies, including completion of required compliance training.
• Maintain working knowledge of banking operations, accounting standards, regulatory guidance, and emerging SOX/ICFR best practices.
• Identify opportunities to improve SOX audit efficiency, methodology, documentation standards, and use of audit technology.

Other Responsibilities:

• Pursues professional development opportunities, including external and internal training and professional association memberships and shares information gained with management.
• Pursues ongoing professional development through training, continuing education, and professional certifications.
• Shares technical knowledge and best practices with Internal Audit management and staff.
• Assumes responsibility for learning and applying new audit tools, systems, and technologies relevant to SOX and ICFR testing.
• Assists with special projects, regulatory requests, or other Internal Audit initiatives assigned by audit leadership.
• Performs other duties as assigned

Career Track Guidelines:

• Performs all duties described above with increasing independence and technical depth.
• Demonstrates advanced proficiency in SOX, FDICIA, COSO, and ICFR audit methodologies.
• Works effectively as a senior individual contributor and project lead within the Internal Audit team.
• Serves as a trusted technical resource for SOX and financial reporting controls.
• Build strong, professional working relationships with business units, external auditors, and audit leadership.
• Contributes to a positive Internal Audit culture through collaboration, knowledge sharing, and mentorship.
• Actively pursues professional growth and stays current on regulatory and professional developments.
• Demonstrate an understanding of appropriate business etiquette, including proper dress and business correspondence.
• Seek to learn through training and individual study.
• Actively participate in department community involvement program.

Qualifications:

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirement list below is representative of the knowledge, skill, and/or ability required.

Skills:

• Advanced knowledge of SOX, FDICIA, ICFR, and the COSO framework.
• Strong analytical, audit planning, and organizational skills.
• Excellent written and verbal communication skills.
• Strong project management and time‑management capabilities.
• Ability to analyze complex processes and evaluate control design and effectiveness.
• Ability to prepare clear, concise audit documentation and executive‑level reporting.
• Ability to effectively present information to senior management and Audit Committee members.
• High degree of professional judgment, independence, and ethical standards.

Education and Experience:

• Bachelor’s or master’s degree in business administration or accounting preferred.
• 5+ years of progressive experience in Internal Audit, SOX compliance, or public accounting with a focus on internal controls.
• Prior experience leading or coordinating SOX 404 and/or FDICIA testing for a financial institution strongly preferred.
• Banking or financial services audit experience preferred

Certifications:

• CPA strongly preferred.
• CIA or other relevant professional certifications a plus.
• If CPA, must be a member in good standing with the AICPA and/or applicable state societies.

Other Qualifications:

• Strong understanding of Internal Audit independence and third‑line responsibilities.
• Familiarity with PCAOB and IIA standards related to ICFR and internal controls.
• Ability to handle confidential information with discretion and professionalism

Other

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job.  Activities, duties and responsibilities may change at any time with or without notice.  

Equal Employment Opportunity Information: Simmons First National Corporation and its subsidiaries are committed to a policy of equal employment with respect to a person's race, color, religion, sex, ancestry, sexual orientation, gender identity, national origin, covered veterans, military status, physical or mental disability or any other legally protected classifications.