Internal Audit & SOX Manager

Crinetics is a pharmaceutical company based in San Diego, California, developing much-needed therapies for people with endocrine diseases and endocrine-related tumors. We were founded by a dedicated team of scientists with the simple belief that better therapies developed from rigorous innovation can lead to better lives. Our work continues to make a real difference in the lives of patients. We have a prolific discovery engine and a robust preclinical and clinical development pipeline. We are driven by science with a patient-centric and team-oriented culture. Crinetics is known for its inclusive workplace culture. We are also a dog-friendly workplace. This is an exciting time to join Crinetics as we shape our organization into the world’s premier fully-integrated endocrine company from discovery to patients. Join our team as we transform the lives of others.

Position Summary:

The Internal Audit SOX Manager will report to the Director, Internal Audit SOX, and play a crucial role in the design, implementation, and ongoing management of the company's internal control over financial reporting (ICFR) environment. With Crinetics' ongoing commercialization efforts and the increasing reliance on technology to support our rapid growth, there is a strong and growing emphasis on Information Technology General Controls (ITGCs). This individual will be instrumental in supporting the company's growth and ensuring a robust and scalable control framework that addresses the evolving technology landscape. This role requires experience in internal controls, compliance, risk management, and particularly IT general controls, including experience at a Big 4 accounting firm. This person will work cross-functionally to increase awareness around risk mitigation strategies and controls, especially as they relate to IT systems and processes. This role will also support other audit efforts such as SOX business process controls as well as other audit engagements.

Essential Job Functions and Responsibilities:

These may include but are not limited to:

• Partner with IT, Finance, Legal, and other key stakeholders to ensure a strong control environment is embedded in new systems, processes, and business initiatives, including international operations, with a particular focus on IT systems and applications.
• Assist in the annual SOX risk assessment and scoping process, with an emphasis on identifying and assessing IT-related risks and controls, ensuring alignment with evolving business risks and regulatory changes.
• Lead the development and continuous improvement of ITGC documentation, controls, and testing methodologies to support operational efficiency and compliance readiness.
• Execute ITGC testing, including testing of key reports and interfaces, and provide clear, concise documentation of results.
• Identify and evaluate deficiencies related to IT controls, provide recommendations for remediation, and track the progress of remediation efforts.
• Stay current on industry best practices, emerging IT risks (e.g., cybersecurity, data privacy), and regulatory developments to proactively adapt and evolve the compliance program.
• Foster a culture of accountability and controls awareness, particularly regarding IT risks, through training, communication, and engagement across all levels of the organization.
• Work closely with external service providers on ITGC audits, ensuring work is performed efficiently and timely.
• Contribute to ad-hoc reviews, process improvement projects, or other special projects as needed.
• Support the identification and implementation of opportunities to enhance audit effectiveness through technology, including the use of AI, automation, and data analytics to improve IT control testing precision, risk detection, and overall audit scalability.

Education and Experience:

Required:

• Bachelor's or Master's degree in a related field (e.g., Information Systems) or equivalent.
• At least 8 years of internal audit, risk management, and IT audit experience, including Big 4 experience, alternatively 6 years of experience with a Master’s will be considered.
• Active CPA, CIA, CISA, or equivalent certification.
• In-depth knowledge of Sarbanes-Oxley (SOX) requirements, internal control frameworks (e.g., COSO, COBIT), and PCAOB standards, with a strong understanding of their application to IT environments.
• Advanced understanding of generally accepted accounting principles (GAAP).
• Experience with ITGC audits, key reports testing, and flowcharting.
• Experience managing or overseeing IT-related SOX programs at a public company.
• Strong communication, presentation, and interpersonal skills to effectively interact with various stakeholders, including IT leadership, finance teams, and external auditors.

Preferred:

• Accounting knowledge
• Ability to prioritize assignments, deal with interruptions, and meet deadlines in a fast-paced and growth-oriented environment.
• Experience with modern ERP systems (e.g., NetSuite, SAP, Concur) and financial supporting applications, including understanding of system configurations, access controls, and interface controls.
• Experience in the biotechnology or pharmaceutical industry.
• International compliance oversight experience, particularly with IT-related regulations.

Physical Demands and Work Environment:

Physical Activities: On a continuous basis, sit at desk for a long period of time; intermittently answer telephone and write or use a keyboard to communicate through written means. Some walking and lifting up to 25 lbs. may be required. The noise level in the work environment is typically low to moderate. The physical demands described above are representative of those that must be met by an employee to successfully perform the essential functions and responsibilities of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions and responsibilities.

Laboratory Activities (if applicable): Biology and chemical laboratory environment experience needed. Environmental health and safety requirements also apply.

Travel:

You may be required to travel for up to 5% of your time.

Equal Opportunity Employer:

Crinetics is proud to be an Equal Opportunity Employer. We provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of sex, sexual orientation, gender (including gender identity and/or expression), pregnancy, race, color, creed, national or ethnic origin, citizenship status, religion or similar philosophical beliefs, disability, marital and civil union status, age, genetic information, veteran status or any personal attribute or characteristic that is protected by applicable local, state or federal laws.

Total Compensation:

The final salary offered to a successful candidate will be dependent on several factors that may include but are not limited to the type and length of experience and education. Crinetics Pharmaceuticals is a multi-state employer, and this salary range may not reflect positions that work in other states. Your recruiter can share more about the specific salary range during the hiring process.

Salary Range

In addition to your base pay, our total rewards program consists of a discretionary annual target bonus, stock options, ESPP, and 401k match. We also provide top-notch health insurance plans for employees (and their families) to include medical, dental, vision and basic life insurance, 20 days of PTO, 10 paid holidays, and a winter company shutdown.