Primary Responsibilities:

• Lead and perform IT and integrated audit engagements, with support from IT Auditors, focusing on IT core infrastructure, trade execution and trade processing infrastructure, critical applications, and IT general controls;
• Build and maintain relationships with key stakeholders, establishing a culture of engagement while adding value;
• Develop and maintain an in-depth understanding of the technology organization, business areas, and support functions;
• Support the Head of Information Technology Audit with audit planning, scope design, internal control assessment, raising and reporting of issues, and monitoring of remediation plans;
• Participate in department-wide initiatives focused on continually improving firm processes and the control environment;
• Assist with annual risk assessment process, audit plan creation, and other departmental administrative projects.

Qualifications/Skills Required:

• 12+ years of IT audit experience with exposure to core IT infrastructure, cyber security, equities trading, fixed-income trading, operations, and/or trade support functions;
• Strong analytical and reporting skills and effective relationship-building experience;
• Effective communication (verbal and written) and inter-personal skills, with the ability to present sophisticated and sensitive issues to management and inspire change;
• Knowledge and experience of core IT infrastructure platforms (e.g., Windows, Unix, Sybase, SQL), cyber security, cloud technology, networks, firewalls, and/or data analytics;
• Extensive knowledge of the audit lifecycle and the evaluation of IT general controls and IT automated controls;
• Bachelor’s degree in Information Systems, Computer Science/Engineering, or other relevant fields;
• A related certification (e.g., CISA, CISSP, CIA) is desired;
• Domestic and international travel requirements: 0%-10%.

The estimated base salary range for this position is $160,000 to $250,000, which is specific to New York and may change in the future.

XML job scraping automation by YubHub

In this role, you will work cross-functionally with Engineering, Security, IT, DevOps, and Finance to ensure the organisation meets SOX 404 compliance requirements in a rapidly scaling, technology-driven environment.

This is a unique opportunity to build IT SOX controls at an AI-first company, leveraging cutting-edge AI technology to create innovative, automated, and scalable compliance solutions.

You will help define how AI can transform traditional SOX processes,from continuous monitoring to intelligent risk assessment,while maintaining the rigor required for public company compliance.

As the Head of IT SOX, you will own SOX IT planning, scoping, testing, remediation, and reporting activities. You'll work directly with technical partners to design and implement scalable controls, oversee documentation, and manage communication with external auditors.

This role reports to the Head of Internal Audit and plays a critical part in strengthening internal control maturity as the company scales through pre-IPO readiness and longer term as a public company.

Responsibilities:

SOX IT Program Leadership

• Lead and manage the organisation's end-to-end IT SOX compliance program

• Own SOX IT planning, scoping, testing, remediation, and reporting activities

• Build scalable, automated, and sustainable controls to support growth through pre-IPO and post-IPO readiness

• Develop and maintain the SOX IT compliance roadmap aligned with organisational growth

• Pioneer the use of AI and automation technologies to enhance control effectiveness, continuous monitoring, and risk detection

• Drive IT controls rationalisation initiatives to optimise the control environment and increase reliance on IT automated controls (ITACs)

ITGC and Application Controls

• Design, implement, and monitor IT General Controls (ITGCs) across critical systems

• Evaluate and test application controls and IT automated controls (ITACs) to ensure proper functionality and compliance

• Conduct system and process risk assessments to identify control gaps and remediation needs

• Oversee control documentation and ensure audit-ready evidence is maintained

• Assess and monitor Systems Development Life Cycle (SDLC) controls for new system implementations and changes

Cross-Functional Partnership

• Partner with Engineering, Security, IT, DevOps, and Finance teams to implement scalable controls

• Work directly with technical partners to design controls that align with business operations

• Collaborate with process owners to identify control improvements and automation opportunities

• Support SEC cybersecurity disclosure requirements and ongoing monitoring of cyber risks

External Audit Management

• Serve as the primary point of contact for external auditors on IT SOX matters

• Manage audit requests, coordinate testing schedules, and facilitate audit walkthroughs

• Track and report on IT SOX compliance status to leadership, the Board, and Audit Committee

If you have 10+ years of hands-on IT audit and SOX compliance experience, preferably in both Big 4 and in-house internal audit/SOX leadership roles at a fast-paced technology company, you may be a good fit for this role.

XML job scraping automation by YubHub

In this role, you will play a key part in evaluating and strengthening ZoomInfo's IT control environment, with a primary focus on executing SOX compliance testing across IT general controls, automated controls, and system integrations.

This position offers meaningful exposure to US GAAP, SOX compliance, and complex IT control environments, as well as the opportunity to work with automation and AI-driven tools.

You will work closely with US-based teams and stakeholders across IT and business functions, requiring a shifted schedule with availability until 12:00 PM PST to enable effective collaboration.

The ideal candidate brings strong analytical and communication skills, a proactive approach to problem solving, and a desire to grow in a fast-paced, high-growth SaaS environment.

Key Responsibilities:

• Execute IT audit plans including evaluation of IT general controls (ITGCs), automated controls, application controls, and system integrations in support of ZoomInfo's SOX compliance program

• Conduct risk and control assessments across IT environments, identifying control gaps and providing practical recommendations for improvement and remediation

• Perform SOX compliance testing for IT general controls across key domains including access management, change management, computer operations, and system development

• Document audit workpapers clearly and thoroughly, ensuring documentation meets professional standards and supports audit conclusions

• Communicate audit findings effectively, including control deficiencies, root cause analysis, and recommended remediation steps, to both technical and non-technical stakeholders

• Partner with IT and business unit stakeholders to build collaborative relationships and ensure effective audit outcomes

• Support the monitoring of management action plans and remediation efforts related to identified control deficiencies

• Leverage audit management technology (AuditBoard) and data analytics tools to enhance audit efficiency and quality

• Contribute to the continuous improvement of audit methodologies, tools, and best practices, including the adoption of AI and automation capabilities

• Stay current on changes in the IT landscape, regulatory environment, and industry trends to assess impacts on ZoomInfo's IT risk and control profile

Required Qualifications:

• Bachelor's degree in Accounting, Finance, Management Information Systems, Business Administration, or a related field

• CISA, CA or equivalent certification in good standing

• IT Audit Analyst: 3+ years of experience in IT audit, IT risk, or SOX compliance within a public company, Big 4 accounting firm, or equivalent corporate setting

• Senior IT Audit Analyst: 5+ years of experience in IT audit, IT risk, or SOX compliance within a public company, Big 4 accounting firm, or equivalent corporate setting

• Strong knowledge of IT general controls (ITGCs), automated controls, and IT risk assessment practices

• Solid understanding of SOX requirements, COSO framework, and COBIT standards as they relate to IT audit

• Familiarity with cloud-based platforms, SaaS applications, databases, and middleware solutions in the context of IT audit and SOX compliance

• Experience working with audit management technology; AuditBoard experience preferred

• Strong experience with data analytics and automation tools as applied to internal audit

• Excellent written and verbal communication skills in English, with the ability to present findings clearly to both technical and non-technical stakeholders

• Strong analytical, critical thinking, and problem-solving skills with the ability to manage multiple priorities and meet deadlines

• Ability to work independently and collaboratively in a fast-paced, global environment

Preferred Qualifications:

• Experience with enterprise SaaS applications such as Salesforce, Workday, or Okta in an audit or controls context

• Hands-on experience with data visualization tools and advanced analytics techniques

• Familiarity with scripting or programming concepts such as Python as applied to audit automation and data analysis

• Familiarity with artificial intelligence and prompt engineering as applied to audit and risk management workflows

• Experience with agile audit methodologies or continuous auditing frameworks

XML job scraping automation by YubHub

In this role, you will work cross-functionally with Engineering, Security, IT, DevOps, and Finance to ensure the organisation meets SOX 404 compliance requirements in a rapidly scaling, technology-driven environment.

This is a unique opportunity to build IT SOX controls at an AI-first company, leveraging cutting-edge AI technology to create innovative, automated, and scalable compliance solutions.

As the Head of IT SOX, you will own SOX IT planning, scoping, testing, remediation, and reporting activities. You'll work directly with technical partners to design and implement scalable controls, oversee documentation, and manage communication with external auditors.

Responsibilities:

• Lead and manage the organisation's end-to-end IT SOX compliance program
• Own SOX IT planning, scoping, testing, remediation, and reporting activities
• Build scalable, automated, and sustainable controls to support growth through pre-IPO and post-IPO readiness
• Develop and maintain the SOX IT compliance roadmap aligned with organisational growth
• Pioneer the use of AI and automation technologies to enhance control effectiveness, continuous monitoring, and risk detection
• Drive IT controls rationalisation initiatives to optimise the control environment and increase reliance on IT automated controls (ITACs)

ITGC and Application Controls:

• Design, implement, and monitor IT General Controls (ITGCs) across critical systems
• Evaluate and test application controls and IT automated controls (ITACs) to ensure proper functionality and compliance
• Conduct system and process risk assessments to identify control gaps and remediation needs
• Oversee control documentation and ensure audit-ready evidence is maintained
• Assess and monitor Systems Development Life Cycle (SDLC) controls for new system implementations and changes

Cross-Functional Partnership:

• Partner with Engineering, Security, IT, DevOps, and Finance teams to implement scalable controls
• Work directly with technical partners to design controls that align with business operations
• Collaborate with process owners to identify control improvements and automation opportunities
• Support SEC cybersecurity disclosure requirements and ongoing monitoring of cyber risks

External Audit Management:

• Serve as the primary point of contact for external auditors on IT SOX matters
• Manage audit requests, coordinate testing schedules, and facilitate audit walkthroughs
• Track and report on IT SOX compliance status to leadership, the Board, and Audit Committee

You may be a good fit if you:

• Have 10+ years of hands-on IT audit and SOX compliance experience, preferably in both Big 4 and in-house internal audit/SOX leadership roles at a fast-paced technology company
• Have proven ability to establish or scale SOX IT compliance programs at newly public or pre-IPO companies
• Possess deep understanding of ITGCs, application controls, and risk assessments
• Have strong project management, analytical, and communication skills
• Hold a Bachelor's degree in Information Systems, Computer Science, Accounting, or a related field
• Are passionate about building scalable processes that support organisational growth and Anthropic's mission to create safe AI

Strong candidates may also have:

• Experience with Workday, Salesforce, NetSuite, GitHub, or other enterprise business systems
• CISA, CIA, CPA, or similar certification
• Experience supporting rapid company growth and scaling compliance programs accordingly
• Interest in or experience applying AI/ML technologies to audit, compliance, or risk management processes
• Understanding of financial data security and compliance requirements
• Experience working at a high-growth AI or technology company
• Familiarity with auditing modern software development environments

The annual compensation range for this role is $300,000-$360,000 USD.

XML job scraping automation by YubHub

This role is about finding the right balance between high-velocity innovation and the rigorous expectations of our partner banks and regulators. By moving toward data-driven, continuous monitoring, you will ensure our growth is anchored in integrity. You’ll drive a culture of audit readiness where excellence is the baseline and regulatory exams result in no surprises.

Some of the things you will do:

• Own the Audit Vision , evolve the risk-based internal audit strategy and ensure alignment with the company’s growth, regulatory expectations, and emerging risks.
• Provide Independent Assurance , deliver objective evaluations to the Board and Audit Committee(s) on the effectiveness of our risk management, internal controls, and governance.
• Ensure we Audit the Stack , own the audit universe; ensuring completeness of Audit coverage across Mercury. Oversee the audit program to ensure the plan includes the appropriate mix of technical and operational audits that dive deep into our business, automated movement of funds, and cloud infrastructure to ensure data integrity and security.
• Validate the "Magic" , ensure our audit program includes timely validation that new and existing product workflows and financial controls are operating exactly as intended, identifying potential friction before it impacts the customer.
• Bridge the Regulatory Gap , act as a key point of contact for our partner banks and regulators, providing them with the confidence that Mercury’s internal oversight is rigorous and proactive.
• Automate Oversight , design and implement continuous monitoring systems that replace manual checklists with real-time, data-driven audit insights.
• Champion SustainableRemediation , serve as the senior escalation point to partner with Engineering, Product, and Risk leads to ensure audit findings result in structural improvements, not just temporary fixes and that remediations are appropriately prioritized within the roadmaps, in line with risk.

There are lots of paths that could lead you to be successful in a role like this; we think the strongest candidates will have some of these experiences or attributes:

• Bring proven leadership in audit , you’ve built or scaled internal audit functions within high-growth banking or financial services, ideally at the intersection of traditional finance and fintech innovation.
• Have technical fluency , you are comfortable in a cloud-native, remote-first environment. You can discuss API integrity and automated controls as easily as you can discuss balance sheets and reconciliations.
• Navigate the regulatory landscape with confidence , you know what regulators expect, you’re comfortable engaging directly with them, and you can help Mercury anticipate and adapt to a changing environment.
• Maintain strong and effective independence , you have the fortitude to deliver difficult news and the diplomacy to ensure those insights lead to positive change.
• Communicate clearly and simply , whether you’re talking to the Board, regulators, engineers, or product teams, you cut through jargon and make risk concepts understandable and actionable.
• Balance protection with possibility , you know how to safeguard the company without slowing it down, and you see the audit function as a way to unlock and safeguard innovation, not stop it.
• Lead with curiosity and vision , you’re ambitious about where audit can go in a modern fintech, and you bring the curiosity to explore new ideas, new markets, and new ways of serving customers safely.
• Inspire and develop others , you build strong teams, mentor future leaders, and foster a culture of accountability, transparency, and trust across the company.

The total rewards package at Mercury includes base salary, equity, and benefits.

Our salary and equity ranges are highly competitive within the SaaS and fintech industry and are updated regularly using the most reliable compensation survey data for our industry. New hire offers are made based on a candidate’s experience, expertise, geographic location, and internal pay equity relative to peers.

Our target new hire base salary ranges for this role are the following:

• US employees in New York City, Los Angeles, Seattle, or the San Francisco Bay Area: $275,400 - $361,400
• US employees outside of the New York City, Los Angeles, Seattle, or the San Francisco Bay Area: $247,900 - $325,250

XML job scraping automation by YubHub