
SOX and ITGC Manager
Figma
Job Summary
The SOX and ITGC Manager will implement and ensure effectiveness of IT General Controls (ITGCs) and application controls related to business & IT systems. They will act as primary point of contact between IT, application owners, and internal/external auditors to handle auditing activities, requests, and remediation of audit findings. The role involves leading design, implementation, and monitoring of ITGC frameworks, developing policies and procedures, partnering with audit teams, and conducting risk assessments. This is a full-time role that can be held from one of our US hubs or remotely in the United States. We value smart, curious people who are excited to learn and develop their skills. If you have 5+ years of audit/assessment experience and knowledge of ITGC frameworks, ERP systems, and project management, we encourage you to apply.
The SOX and ITGC Manager will have primary responsibility for implementing, and then ensuring the effectiveness of, all IT General Controls (ITGCs) and application controls related to our business & IT systems. The manager will act as the primary point of contact between IT, application owners, and internal / external auditors to provide leadership in handling auditing activities and requests, developing responses to audit findings, and leading remediation of audit findings. The role will also partner with accounting business partners to ensure that ITACs that involve business systems are implemented and operating effectively.
This is a full-time role that can be held from one of our US hubs or remotely in the United States.
What you’ll do at Figma:
Lead the design, implementation, and monitoring of ITGC frameworks for corporate systems, including access controls, change management, data integrity, and IT operations
Develop and maintain ITGC policies, procedures, and documentation to support the organization's control environment
Partner with internal and external audit teams to support ITGC testing and resolve findings efficiently
Work closely with system owners, IT teams, and business stakeholders to address risks, implement controls, and enhance system security
Implement a standardized process for performing UARs and change log reviews, pushing to automate and optimize these processes where feasible
Provide relevant awareness training to control owners
Conduct regular risk assessments of corporate systems to identify potential control gaps and recommend remediation strategies
We'd love to hear from you if you have:
5+ years of audit/assessment experience with SOX
In-depth knowledge of ITGC frameworks, including access management, change management, and operations
Strong understanding of ERP systems, cloud-based applications, and corporate IT infrastructures
Solid project management and organizational skills with the ability to manage multiple priorities
Effective communication skills, with the ability to convey complex concepts to technical and non-technical audiences
While not required, it’s an added plus if you also have:
Experience with audit tools, GRC platforms, and automation technologies
Certified Information Security Auditor (CISA)
At Figma, one of our values is Grow as you go. We believe in hiring smart, curious people who are excited to learn and develop their skills. If you’re excited about this role but your past experience doesn’t align perfectly with the points outlined in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.