Director – IT Compliance

Job Description: • Own and lead the enterprise ITGC strategy and operating model, in consultation with the Chief Accounting Officer and SOX Compliance function • Develop, maintain, and continuously evolve the ITGC framework, including application controls, aligned to business growth and regulatory expectations. • Establish governance and accountability for all ITGCs across IT, Engineering, and cloud platforms. • Inventory all systems and tools that support financial reporting (either directly or indirectly) and define risk-based tiering and prioritisation. • Drive implementation of IT general controls and application controls across the enterprise, system-by-system, based on the prioritised risk profile. • Ensure high-quality documentation, testing readiness, and continuous improvement of IT control processes. • Identify, assess, and proactively manage IT and technology-related SOX risks, ensuring appropriate preventive and detective controls are in place. • Serve as the primary executive owner for internal and external IT audits, SOX reviews, and control assessments. • Partner cross-functionally with Engineering, Product, Security, Finance, and Compliance to ensure integrated and scalable risk management • Oversee the day-to-day effectiveness of ITGC operations, including access management, change control, batch processing, backup and recovery, logging, and cloud configuration controls for in-scope systems. • Exercise authority to enforce ITGC requirements, including requiring remediation, escalating non-compliance, and pausing or blocking changes or releases that introduce SOX control risk. • Embed ITGC requirements into CI/CD pipelines, infrastructure-as-code, cloud platforms, and automated access workflows to ensure controls are preventive, repeatable, and scalable. • Own remediation strategy and execution for ITGC deficiencies, including prioritization, root-cause resolution, validation of fixes, and prevention of repeat findings. • Maintain accountability for long-term control durability, ensuring controls remain effective as systems, platforms, and delivery models evolve. • Build, mentor, and scale the ITGC function, including future team growth as the company scales. Requirements: • Bachelor’s degree in Information Technology, Computer Science, or a related field • 12+ years of progressive experience in IT, internal audit, external audit, or risk management, with significant leadership experience; must have at least 3+ years of experience at a U.S. public company • CGEIT, CISM, CISA, CRISC, CCEP, or equivalent certifications required • Deep understanding of SOX 404, regulatory requirements, and industry standards; technology industry experience strongly preferred • Strong command of internal control frameworks (COSO, COBIT) and enterprise risk assessment methodologies • Proven experience leading IT audits, SOX programs, and control functions in complex technology environments • Strong executive-level communication, analytical, problem-solving, and program management skills • Demonstrated ability to influence senior leaders and enforce standards without direct authority • Experience scaling controls in high-growth, cloud-native, CI/CD-driven organizations preferred Benefits: • Health insurance • 401(k) matching • Flexible work hours • Paid time off • Remote work options Apply tot his job