SOX Compliance Lead
Listed on 2026-05-30
IT/Tech
Cybersecurity, IT Consultant, IT Business Analyst, Data Security
HP is seeking a highly motivated and experienced SOX Compliance Lead to join our Security, Risk Management & Compliance department which supports engineering in building customer trust, strengthening platform and product security, and enabling effective risk management and compliance.
This is a highly visible role that manages and executes the compliance and internal control testing processes related to SOX. It partners with Engineering, IT, Finance, Internal Audit, and the External Auditors to assess and ensure that internal controls over financial reporting (ICFR) are designed and operating effectively.
This role will also be essential in organizational efforts to further integrate Agentic AI within the SDLC to reduce compliance burden while still ensuring adherence to SOX and other security and privacy regulatory requirements and certifications.
Responsibilities
- Manage and execute the SOX compliance program, including scoping, risk assessment, testing, and remediation activities.
- Identify and evaluate ITGCs across areas such as access controls, change management, system operations, and SDLC.
- Collaborate with control owners to ensure understanding, proper documentation, and implementation of IT control procedures.
- Perform walkthroughs and testing of controls for key financial systems and supporting infrastructure.
- Track, document, and communicate control deficiencies and remediation plans.
- Serve as a liaison between Engineering, IT, internal audit, and external auditors during SOX reviews.
- Assist with the development and maintenance of SOX documentation including risk/control matrices, process narratives, and flowcharts.
- Monitor and report on compliance status and risks to leadership through dashboards and reports.
- Provide guidance on control design and process improvements to enhance the overall IT control environment.
- Support other security and privacy compliance requirements such as ISO / SOC2, NIS2, DORA, EO 14117, EU CRA, EU AI Act, GDPR, etc.
- Support Shift-Left and Agentic AI efforts to improve the SDLC by moving testing and security earlier in the lifecycle and automating processes to reduce manual development and compliance efforts.
- Strong understanding of internal control over financial reporting (ICOFR), risk assessment, IT General Controls (ITGC), and PCAOB expectations.
- Demonstrated experience testing ITGCs for applications, operating systems, and databases and reviewing / validating the completeness and accuracy of audit evidence.
- Experience in constructively challenging internal and external auditors when appropriate, ensuring audit requests and findings are risk based, practical, and aligned with regulatory guidance.
- Attention to detail and quality, balanced with the ability to see the big picture and identify areas for process simplification.
- Ability to proactively look ahead, anticipate questions, independently assess risk, think critically and creatively to achieve the best outcome, and elevate issues to the right level internally and externally to resolve.
- Proven ability to work in a deadline-driven environment and handle multiple projects simultaneously.
- Excellent interpersonal, written and verbal communications, presentation and influencing skills.
- Strong planning and project management skills.
- 8+ years of experience in IT Audit, IT Compliance, or a related discipline, with direct SOX IT compliance experience.
- Bachelor's degree in Business Administration, Accounting, Management Information Systems (MIS), Computer Science or related field.
- Preferred certifications: CISA, CISM, CRISC, CISSP or similar certifications.
- Business Processes
- ICOFR
- IT General Controls
- IT Audit
- System and Organization Controls (SOC) reports
- Auditing GitHub or similar source code repositories
- Automating compliance efforts to reduce manual burden
- Cybersecurity Governance, Risk & Compliance
- Control frameworks such as NIST CSF, NIST AI RMF, ISO 27001, SOC2, etc.
- Familiarity with AI risk management
- Health insurance
- Dental insurance
- Vision insurance
- Long term/short term disability insurance
- Employee assistance program
- Flexible spending account
- Life insurance
- Generous time off policies including 4-12 weeks fully paid parental leave based on tenure, 11 paid holidays, and additional flexible paid vacation and sick leave (US benefits overview).
The pay range for this role is $105,050 to $161,800 USD annually with additional opportunities for pay in the form of bonus and/or equity (applies to United States of America candidates only). Pay varies by work location, job-related knowledge, skills, and experience.
HP offers a comprehensive benefits package for this position.
Equal Opportunity Employer (EEO)
HP, Inc. provides equal employment opportunity to all employees and prospective employees, without regard to race, color, religion, sex, national origin, ancestry, citizenship, sexual orientation, age, disability, or status as a protected…