IT SOX Compliance Manager; LOD

Position: IT SOX Compliance Manager (2LOD)
Overview

Ready to be a Titan?

Service Titan has entered a new era as a recently public company. We are looking for an exceptional IT SOX Compliance Manager (2

LOD) to evolve our program into a strategic compliance and risk management engine. In this role, you will serve as a key leader within the Second Line of Defense (2

LOD). You won't just be running tests; you will be architecting the governance framework that ensures financial integrity across our high-growth, cloud-native ecosystem. You will champion the balance between rigorous control environments and the velocity required by our business teams.

What you’ll do:

Responsibilities

• Own IT SOX Strategy:
Lead the end-to-end lifecycle of IT SOX compliance, including risk assessment, scoping, control design, and deficiency management to mitigate technology risks tied to financial reporting.

• Manage key 2

LOD Control Execution:
User Access Reviews, Segregation of Duties analysis, and Policy & Standard Annual Review

• Strategic Advisory & Change Management:
Act as a trusted advisor to IT, Engineering, and Finance. You will evaluate the risk impact of new system implementations (e.g., custom billing), architecture changes, and operational pivots before they go live.

• 2

LOD Oversight & Governance:
Challenge the First Line (management) on control design and effectiveness. You will drive system control readiness reviews and hold teams accountable for the timely remediation of audit findings.

• Tech-Forward Compliance:
Move beyond spreadsheets. Implement automation and continuous monitoring (leveraging tools like Audit Board and Hyperproof) to streamline compliance and reduce manual overhead.

• External and Internal Audit Liaison:
Serve as the primary point of contact for our internal and external auditors, managing the relationship to ensure efficient execution, minimize audit fatigue, and articulate our risk posture to senior leadership.

• Mentorship & Culture:
Coach and develop team members, fostering a culture of risk awareness across the organization through training and guidance.

• Innovation:
Lead special projects involving AI governance, process optimization, and the integration of new technologies into the SOX framework.

• Support for Additional Certifications and Attestations:
Assist with broader compliance efforts, including audit preparation, evidence support, and control readiness for SOC 1, SOC 2, ISO 27001, ISO 27701, and ISO 42001. Work with cross functional teams to ensure consistent control execution and a unified compliance approach.

Qualifications

• Education & Certification:
Bachelor’s degree in Information Systems, Accounting, or a related field. CISA, CPA, or CIA certification is highly preferred.

•

Experience:

5+ years of experience in IT SOX Compliance, IT Audit, or Risk Advisory, with a background in Big Four firms or a leadership role in a public company.

• Technical Proficiency:
Deep understanding of complex enterprise environments. You bring hands-on knowledge of:

- Enterprise SaaS vendors (i.e. Workday, Salesforce, Git Hub, Jira, Okta, etc)
- Cloud

Infrastructure: Azure and GCP controls and their integration with SOX.
- Custom Development Governance:
Experience in establishing control frameworks for in-house applications, focusing on secure coding practices, release management, and access controls.

• The 2

LOD Mindset:
You understand the distinction between doing the control and governing the risk. You have strong critical thinking skills and the ability to "connect the dots" between technical flaws and financial risk.

• Tooling Expertise:
Proficiency in GRC platforms (Audit Board, Hyperproof, Drata, Anecdotes) and a desire to leverage AI in compliance workflows.

• Outstanding communication skills with the ability to influence stakeholders, translate technical risks for non-technical leadership, and manage complex cross-functional programs.

Why This Role?

• Impact at Scale:
As a recently public company, you will play a direct role in maintaining the trust of our shareholders and customers during this high-stakes, high-growth period.

• Innovation First:
We don't want a "legacy" compliance program. We are challenging ourselves to leverage AI to…