Director, Internal Audit

Remote - USA 

Compensation range for this role is estimated between $143,000 - $224,200 and will vary depending on geographic location, years of experience, qualifications and other variables. 

As the Director of Internal Controls and SOX Compliance, you are responsible for managing the SOX (Sarbanes-Oxley) program and internal control reviews by collaborating cross-functionally with various teams in Finance, IT, Operations, Data and Legal. Reporting to the Chief Financial Officer (CFO) and working under a co-sourcing/ outsourcing model, you will play a crucial role in managing the assessment, reporting and disclosure of all key controls and deficiencies across the organization and working with the business to ensure the controls are in compliance with regulatory requirements and corporate policies and procedures.

What you’ll do:

Develop and Implement effective SOX Compliance and Internal Control Assessment Strategy:

• Collaborate with stakeholders to perform risk assessment activities for the scoping of SOX, internal audits and/or special reviews
• Design and execute a comprehensive internal control framework with a financial compliance mindset across end-to-end business processes
• Ensure alignment of the SOX program to industry best practices and regulatory requirements for business processes and IT controls
• Coordinate and perform SOX testing, including the testing of key business process controls, IT general controls, IT application controls and key reports
• Perform special reviews on business processes, IT systems and/or other compliance initiatives as needed
• Evaluate internal controls, identify gaps, and work with control owners to recommend and implement remediation strategies
• Partner with external auditors in SOX compliance assessment effort

Manage SOX Compliance Program, Internal Control Review Activities and Enterprise Risk Assessment:

• Collaborate with cross-functional teams and control owners to establish SOX compliance objectives,  milestones, and action plans to meet the requirements
• Partner with control owners in developing and documenting effective internal control procedures for key business processes and IT systems in scope for SOX
• Manage tracking of SOX control documentation preparation and updates as well as audit PBCs by working with the control owners and co-sourcing/ outsourcing consultants
• Review internal controls to identify control weaknesses or opportunities for improvement and collaborate with control owners to evaluate financial reporting impact as well as identifying mitigating/ compensating controls  
• Track control owner’s remediation effort to ensure accuracy and reliability of financial reporting and for operational purposes
• Lead effort to perform Enterprise Risk Assessment
• Manage the quarterly SOX sub-certification/ disclosure process
• Provide Guidance and Support to Control Owners Collaborate with control owners across various functions to assess control needs, define control objectives, and ensure controls are designed to mitigate identified risks
• Support  control owners in understanding and documenting their processes, risks, and control activities
• Provide expertise and guidance in the design and implementation of effective controls to address the relevant business and IT risks including meeting SOX compliance requirements
• Develop and deliver training programs to educate control owners and employees on SOX compliance requirements, internal control principles, and their responsibilities
• Foster a culture of control awareness and compliance throughout the organization
• Stay updated on evolving SOX requirements, emerging risks, and industry trends to provide proactive guidance, and recommendations, and drive continuous improvement

Reporting and Stakeholder Management:

• Prepare and present regular reports to executive management, the Audit Committee, and the Board of Directors on SOX compliance status and results or as needed for special internal control projects
• Collaborate with external auditors during annual financial statement audits and SOX-related audits and ensuring timely completion of deliverables and effective communications

What you bring: 

• Bachelor's degree in Accounting, Finance, or a related field
• Minimum of 8+ years in SOX compliance, internal auditing, internal controls, or related roles, preferably within the biotech, pharmaceutical, or healthcare industries
• Strong knowledge of SOX compliance requirements, internal controls, risk management principles, business processes, and IT systems
• Demonstrated experience in designing and implementing SOX compliance programs, as well as identifying, documenting, and testing internal controls
• Proven ability to work with cross-functional teams, control owners, and external auditors
• Excellent communication, leadership, stakeholder management, and collaboration skills

Preferred skills:

• CPA or relevant professional certification preferred
• Knowledge of Workday, Oracle Fusion, cloud operations (e.g. AWS) and Github preferred

#LI-Remote