IT Manager , SOX & ITGC Compliance

IT Manager, SOX & ITGC Compliance

Location:

Waltham, MA

Salary Range: $116,000 - $178,000 (US)

Repligen is a global biotech company committed to advancing bioprocessing. We are looking for an experienced IT Manager, SOX & ITGC Compliance to lead internal controls over financial reporting and key digital systems.

Lead the design, implementation, and ongoing effectiveness of internal controls over financial reporting and key digital systems. Drive the ITGC audit program, advise on risk mitigation strategies, and partner with Internal Audit, IT, Financial Reporting, and external auditors.

• Lead planning, execution, and documentation of SOX IT testing activities, partnering closely with external auditors and co-sourced teams.
• Oversee design, implementation, and testing of IT General Controls, including:
  • Access Management (user provisioning, privileged access, segregation of duties)
  • Change Management (system updates and configuration changes)
  • IT Operations (backup/recovery, job scheduling, incident management)
  • SDLC controls
• Coordinate and oversee day-to-day activities of 3rd‑party SOX testing partners and escalation of issues.
• Partner with Digital control owners to ensure timely testing, certifications, and issue resolution.
• Train and support control owners to maintain accurate, compliant SOX documentation.
• Evaluate the design and operating effectiveness of ITGCs across Logical Access, Change Management, System Operations, and IT Governance.
• Conduct IT application control reviews for key systems such as SAP, Tagetik, Workday, Service Now.
• Provide guidance on control design, new implementations, and remediation activities.
• Monitor and track remediation plans for identified control weaknesses.
• Serve as SME for system implementations and infrastructure changes to ensure “controls by design.”
• Maintain ITGC narratives, process flows, and risk/control matrices.
• Identify and drive process improvements, automation opportunities, and standardization across ITGC and SOX processes.
• Utilize data analytics to enhance testing quality, reduce risk, and improve audit coverage.
• Stay current on regulatory requirements (SOX, GDPR, CCPA) and relevant frameworks (COSO, COBIT, NIST).
• Act as the primary liaison with internal teams, Internal Audit, and external auditors.
• Communicate risks, findings, and recommendations to both technical and non-technical stakeholders, including senior leadership.

• 8–10 years of hands‑on experience in IT Audit, ITGC, or IT Risk Management within a public or large‑scale company.
• Deep understanding of SOX ITGC requirements and COSO/COBIT frameworks; proven experience designing SOX controls.
• Strong knowledge of SAP controls.
• Solid understanding of enterprise applications and IT infrastructure (Windows/Linux, Service Now).
• Experience managing the full audit lifecycle and working with external auditors (Big Four experience a plus).
• Familiarity with cloud security controls (AWS, Azure, GCP).
• Strong analytical skills with experience identifying control gaps and developing actionable remediation strategies.

• Bachelor’s degree required.
• Preferred (not required): certifications in data management or business intelligence (e.g., CDMP, CBIP).

Repligen offers a broad range of benefits including paid time off, health/dental/vision coverage, retirement benefits, and flexible spending accounts. Employees may participate in variable cash programs and eligible positions may receive equity. Compensation will be confirmed in writing at the time of offer.

• Mid‑Senior level

• Full‑time

• Information Technology