IT SOX Compliance Lead

Job Summary

The IT SOX Specialist is responsible for leading the design, execution, monitoring, and continuous improvement of Acuity’s IT General Controls (ITGC) program in support of Sarbanes-Oxley (SOX) compliance. This role sits within the Cyber GRC function and partners closely with Internal Audit, external auditors, and technology stakeholders to ensure the effectiveness of IT controls across enterprise systems and platforms.

Key Tasks & Responsibilities (Essential Functions)

• Lead and oversee the IT General Controls (ITGC) program to ensure SOX compliance across enterprise systems, including control testing, deficiency evaluation, and remediation tracking.
• Coordinate ITGC risk assessments, control documentation, walkthroughs, and testing activities across access management, change management, and IT operations. Evaluate control design and operating effectiveness; identify deficiencies, assess risk impact, and partner with technology stakeholders on remediation planning.
• Track remediation progress, validate corrective actions, and escalate unresolved risks in accordance with governance expectations.
• Serve as the primary liaison with Internal Audit and external auditors, supporting IT SOX requests and ensuring timely, audit‑ready deliverables.
• Prepare executive‑ready reporting on control performance, deficiencies, and overall compliance status, while driving continuous improvement and control maturity.
• Coordinate with IT SOX control owners to obtain evidence, clarify control execution and support remediation activities.

Skills and Minimum Experience Required

• Bachelor’s degree in Computer Science, Finance, Accounting, or equivalent practical experience supporting SOX or IT control programs.
• 5+ years of experience in IT audit, SOX compliance, or IT controls, with demonstrated ownership of ITGCs across enterprise environments (ERP, finance, or core business systems).
• Strong understanding of SOX 404 requirements, IT General Controls (ITGCs), and risk assessment methodologies, with the ability to apply them independently.
• Proven ability to manage multiple assignments and meet deadlines in a dynamic environment.
• Proactive in identifying process gaps and implementing remediation strategies.
• Familiarity with security architecture and business process controls.
• Strong analytical skills with experience reviewing system data, access reports, and technical evidence, and working with Excel-based datasets and reports
• Strong communication and reporting skills, with a proactive and ownership-driven mindset.
• Experience with GRC applications such as Workiva, ProcessUnity, etc.

Why Work for Acuity 

• At Acuity, you’ll join a GRC organization that is recognized for its strategic importance, investment in people, and commitment to innovation. Our Cyber Governance, Risk, and Compliance program is not just about protecting assets—it’s about enabling the business, building trust with our customers, and empowering our associates to thrive in a rapidly evolving digital landscape. 

• Culture of Learning and Collaboration: We foster a culture that prioritizes continuous learning, knowledge sharing, and cross-functional teamwork as core values. You’ll collaborate with experts in Legal, HR, Product Security, Engineering, and more to ensure your work is always relevant and impactful.  

• People-Focused Values: Acuity is a value-driven organization. We believe in integrity, curiosity, and creating an environment where the best people come to do their best work. Our leadership is committed to attracting, developing, and retaining top talent, and we celebrate the diverse perspectives and backgrounds of our team members. 

Join Acuity and help us build a safer, smarter, and more resilient future—where your expertise and passion for GRC will make a real difference.