Senior Manager, IT SOX Audit & Risk
FabFitFun is looking for a Senior Manager, IT SOX Audit & Risk to join our Controllership Department! Reporting to the Director of SOX Compliance, this person will be based out of our HQ in Los Angeles, and have the opportunity to work with a team of highly motivated professionals within a fast-paced eCommerce business.
What You’ll Do:
- Oversee IT SOX Program and coordinate IT SOX program testing with co-sourced SOX team members, external audit IT team members, IT management, process owners and control owners
- Conduct pre-implementation assessments to identify financial and operational risks and to advise on control design
- Develop and update IT SOX design documentation, as applicable, when new systems come into scope and when IT processes and controls change
- Establish IT SOX test plans, and oversee and execute focused and efficient IT controls testing
- Assist with annual and ongoing IT SOX scoping to identify changes to the systems, applications, and automated controls considered to be in-scope for the current fiscal year
- Support and monitor management’s remediation efforts to closure, including review of supporting evidence
- Assist with the implementation of the Enterprise Risk Management (ERM) Program, as a strategic approach to achieving business objectives
- Coordinate the effective identification of key strategic and emerging risks, advise on risk mitigation strategies, and maintain / update ERM program documentation
- Manage the implementation and roll-out of GRC software to support efficient and effective SOX and ERM program management and execution
- Perform and coordinate reviews of SOC 1, Type 2 Reports for in-scope SOX service providers
- Evaluate SOC 1 auditor opinion and test results, adequacy and relevance of report scope, and relevance of complementary subservice provider and user entity control considerations
- Collaborate with business management and IT management to develop balanced and effective remediation recommendations
What You’ll Bring:
- Bachelor’s degree in Computer Information Systems, Management Information Systems, or Accounting preferred
- Minimum of 7 years of relevant work experience in SOX compliance/internal auditing, external auditing, operation and process improvement
- Big-4 or national audit/consulting firm experience preferred
- Certification required, preferably one of the following: CISA, CISSP, CISM, CIA, CPA
- Knowledge of IT frameworks, e.g. COBIT, ISO, NIST, ITIL
- Exposure to a high growth and/or continuously evolving technology enterprise in a consumer product environment
- Proficiency with data analytics, preferably in risk and control data analysis
- Adept at assessing complex IT and business processes environments to identify potential IT, financial, operational, and compliance risks
- Familiarity with enterprise risk management methodologies, frameworks and principles
- Ability to appropriately articulate requirements to technical and business stakeholders
- Experience with GRC Technology
- Knowledge of NetSuite and ERM experience are a plus!
What You'll Get:
- Amazing benefits including medical, dental, vision, FSA, and pet insurance
- 401K match program
- Open/Flexible PTO policy - we trust our employees to manage their time!
- Monthly cell phone stipend
- Monthly work from home stipend while the company is temporarily remote
- Donation matching program
- Free FabFitFun subscription and quarterly credit in our e-commerce store