SOX ITGC (UAR) Manager

ABOUT THE ROLE

We are seeking a skilled SOX ITGC Manager to lead our Sarbanes-Oxley (SOX) compliance efforts with a particular focus on User Access Review (UAR) controls and Identity Governance. The ideal candidate will have extensive experience in IT general controls, risk management, and identity management frameworks. This role will be responsible for overseeing and managing the execution of the SOX User Access Review process to ensure compliance with Sarbanes-Oxley (SOX) regulations and company policies. This role requires a strong understanding of information security principles, regulatory requirements, and the ability to collaborate with external auditors, internal audit teams, and business leaders to ensure robust compliance with SOX controls and effective management of user access reviews. The ideal candidate will possess a strong background in SOX compliance, audit management, and cross-functional collaboration.

YOUR DAILY IMPACT AT PELOTON

• SOX Compliance Management:
  Oversee and manage SOX compliance activities related to IT General Controls (ITGC), ensuring timely execution of UAR and other related controls.
• User Access Review (UAR):
  Design, implement, and monitor UAR processes to ensure that user access is appropriate and complies with organizational policies and regulatory requirements.
• Identity Governance:
  Develop and maintain an identity governance framework to manage user identities, roles, and access rights across systems, ensuring least privilege access principles are adhered to.
• Risk Assessment:
  Conduct regular risk assessments related to ITGC and identity management. Identify potential risks and recommend mitigation strategies to senior management.
• Documentation and Reporting:
  Create and maintain comprehensive documentation for all SOX controls, including policies, procedures, and process flows. Prepare and present regular compliance reports to management and auditors.
• Collaboration:
  Work closely with IT teams, internal audit, and external auditors to facilitate audits and ensure compliance with SOX requirements.
• Interface with External Auditors:
  Serve as the primary point of contact for external auditors regarding ITGC and UAR controls, ensuring that all necessary documentation and information are provided in a timely manner.
• Training and Awareness:
  Develop training programs for staff on SOX compliance, UAR controls, and best practices in identity governance to foster a culture of compliance within the organization.
• Continuous Improvement:
  Identify opportunities for process improvements in compliance practices and implement best practices in identity governance.

Qualifications:

• Bachelor’s degree in Computer Science, Information Technology, Accounting, or a related field.
• Minimum of 5 years of experience in IT compliance, risk management, or audit, with a focus on SOX.
• Strong understanding of ITGC frameworks, SOX requirements, and UAR controls.
• Experience with identity governance solutions and practices (e.g., IAM, role-based access control).
• Familiarity with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001).
• Excellent analytical, problem-solving, and organizational skills.
• Strong communication skills, both verbal and written, with the ability to present complex information clearly.
• Relevant certifications (e.g., CISA, CISSP, CRISC) are a plus

#LI-Hybrid

#LI-AC1