HighLevel

The all-in-one sales & marketing platform that agencies can white-label. CRM, Email, 2-way SMS, Funnel Builder, & more!

Director – IT Compliance

ComplianceComplianceFull TimeRemoteLeadTeam 201-500Since 2018H1B No SponsorCompany Site LinkedIn

Location

United States

Posted

48 days ago

Salary

Not specified

Seniority

Lead

Bachelor Degree12 yrs expEnglishCloud

Job Description

• Own and lead the enterprise ITGC strategy and operating model, in consultation with the Chief Accounting Officer and SOX Compliance function • Develop, maintain, and continuously evolve the ITGC framework, including application controls, aligned to business growth and regulatory expectations. • Establish governance and accountability for all ITGCs across IT, Engineering, and cloud platforms. • Inventory all systems and tools that support financial reporting (either directly or indirectly) and define risk-based tiering and prioritisation. • Drive implementation of IT general controls and application controls across the enterprise, system-by-system, based on the prioritised risk profile. • Ensure high-quality documentation, testing readiness, and continuous improvement of IT control processes. • Identify, assess, and proactively manage IT and technology-related SOX risks, ensuring appropriate preventive and detective controls are in place. • Serve as the primary executive owner for internal and external IT audits, SOX reviews, and control assessments. • Partner cross-functionally with Engineering, Product, Security, Finance, and Compliance to ensure integrated and scalable risk management • Oversee the day-to-day effectiveness of ITGC operations, including access management, change control, batch processing, backup and recovery, logging, and cloud configuration controls for in-scope systems. • Exercise authority to enforce ITGC requirements, including requiring remediation, escalating non-compliance, and pausing or blocking changes or releases that introduce SOX control risk. • Embed ITGC requirements into CI/CD pipelines, infrastructure-as-code, cloud platforms, and automated access workflows to ensure controls are preventive, repeatable, and scalable. • Own remediation strategy and execution for ITGC deficiencies, including prioritization, root-cause resolution, validation of fixes, and prevention of repeat findings. • Maintain accountability for long-term control durability, ensuring controls remain effective as systems, platforms, and delivery models evolve. • Build, mentor, and scale the ITGC function, including future team growth as the company scales.

Job Requirements

Bachelor’s degree in Information Technology, Computer Science, or a related field
12+ years of progressive experience in IT, internal audit, external audit, or risk management, with significant leadership experience; must have at least 3+ years of experience at a U.S. public company
CGEIT, CISM, CISA, CRISC, CCEP, or equivalent certifications required
Deep understanding of SOX 404, regulatory requirements, and industry standards; technology industry experience strongly preferred
Strong command of internal control frameworks (COSO, COBIT) and enterprise risk assessment methodologies
Proven experience leading IT audits, SOX programs, and control functions in complex technology environments
Strong executive-level communication, analytical, problem-solving, and program management skills
Demonstrated ability to influence senior leaders and enforce standards without direct authority
Experience scaling controls in high-growth, cloud-native, CI/CD-driven organizations preferred