IT SOX Compliance Manager
Description
We are seeking an IT SOX Compliance Manager to lead the enterprise-wide IT SOX compliance program with a focus on governance, risk assessment, control design evaluation, and program oversight.
This role is part of Tyler’s Compliance Team. The position reports to the Vice President of Internal Audit and works closely with the Chief Information Officer. The Compliance team does not perform control testing, so this role serves in an advisory capacity centered around program ownership, risk and control design oversight, coordination with control owners, facilitation of remediation, training, and partnership with Internal Audit and external auditors.
Responsibilities
- Lead the company’s IT SOX compliance program, ensuring that financial reporting risks tied to technology and data are appropriately mitigated.
- Provide thought leadership on new business initiatives, system implementations, IT policy changes, and personnel changes, assessing their impact on the SOX compliance program and advising the business accordingly.
- Conduct and update risk assessments and scoping, especially around systems supporting financial reporting, revenue recognition, etc.
- Partner with cross-functional stakeholders in IT, Finance, and Internal Audit to maintain strong control design and accountability.
- Maintain and oversee SOX documentation, including risk and control matrices (RCMs), process and data flows, system diagrams, etc.
- Support process owners through training, reviewing, and providing guidance for their processes including, but not limited to, IT General Controls, IT Operations, IT Application Controls, Key Reports and SOC Reporting.
- Coordinate the SOX walkthrough and testing calendar, ensuring alignment across Internal Audit, external auditors, and control owners.
- Facilitate the deficiency management and remediation process, from root cause analysis to retesting readiness.
- Support the implementation of automation and continuous control monitoring as part of control enhancement efforts.
- Track and communicate program status, issues, and risks to the Vice President of Internal Audit and the Chief Information Officer, including preparation of reports for the Audit Committee.
- Monitor emerging risks in IT compliance, including cybersecurity threats that could impact SOX controls.
Qualifications
- Bachelor’s degree in Information Systems, Accounting, Finance, or related field.
- Relevant professional certification is preferred, such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Security Controls (CRISC).
- 8+ years of relevant experience, including IT SOX, IT audit, or risk management at a public company or Big 4/public accounting firm.
- Strong understanding of SOX 404, COSO, COBIT, and PCAOB standards.
- Familiarity with ITGCs, application controls, key reports, and SOC 1 reports.
- Experience managing a SOX compliance program without direct ownership of testing activities.
- Excellent communication and project management skills; proven ability to influence across departments.
- Comfortable navigating complex IT environments, including ERP systems, cloud platforms, and cybersecurity frameworks.
- A team player with a process-oriented focus and excellent interpersonal, analytical, and problem-solving skills.
- Exhibits critical thinking skills and the ability to complete tasks with an appropriate level of skepticism.
- Proficiency in annual and rolling SOX scoping based on risk factors and materiality.
- Deep understanding of ITGCs.
- Competence in identifying and assessing application controls, key reports, and interface controls.
- Skilled in documenting IT processes, process and data flows, and risk and control matrices (RCMs).
- Strong project management capabilities for handling timelines, milestones, and dependencies.
- Familiarity with ERP systems. Microsoft D365 Finance and Operations is a plus.
- Ability to review SOC 1 reports and assess reliance on third-party controls.
- Able to translate complex IT and control concepts into business-friendly language.
- Ability to work remotely with team members in multiple locations.
- Required to undergo and satisfactorily pass a fingerprint background check in accordance with CJIS requirements.