Director – IT SOX

Role Overview:

The IT SOX Director is responsible for the end‑to‑end ownership of the SOX compliance program, covering IT General Controls (ITGCs), IT Application Controls (ITACs), automated controls, and Business / Financial Reporting SOX. This role partners closely with Information Security, IT, and Finance to ensure effective control design, testing, remediation, and continuous improvement in support of SOX Sections 302 and 404.

Key Responsibilities:

1. IT SOX Program Leadership & Strategy:

• Own and lead the end‑to‑end IT and Financial Reporting SOX program, ensuring effective design, operating effectiveness, remediation, and continuous improvement.
• Oversee SOX compliance for:
• IT General Controls (ITGCs), IT application controls, and automated controls across existing and new systems supporting financial reporting.
• Lead financial reporting risk assessments to determine SOX scope for new or changed business processes

1. Risk Assessment, Scoping & Control Design

• Lead annual and ongoing IT risk assessments to determine SOX scope for existing systems, new applications, platforms and technology changes
• Lead annual and ongoing risk assessments to determine SOX scope for existing and new financial reporting process; Manage the review of design and operating effectiveness of the process

1. SOX Testing Oversight & Issue Management:

• Oversee the design and operating effectiveness reviews of:
• ITGCs and ITACs across scoped systems and platforms
• Business and financial reporting controls across in‑scope processes
• Direct and guide the team through all phases of SOX testing, including planning, walkthroughs, testing, review, and reporting.

• Perform quality reviews of testing results to ensure accuracy, completeness, and audit readiness, and drive timely completion of in‑house SOX testing.
• Prepare IT and business process owners for external SOX audits, walkthroughs, and inquiries.
• Review SOC 1 Type II reports, assess control implications, and coordinate discussions with relevant process owners including Complementary User Entity Controls.
• Support identification, evaluation, and remediation of SOX deficiencies in partnership with stakeholders.

1. Audit & Stakeholder Management

• Coordinate and support external auditor requests, including walkthroughs, evidence submission, and issue resolution.
• Build strong working relationships with IT, Engineering, Information Security, and Finance Controllers to ensure smooth SOX execution.

1. Process Improvement, Automation & Transformation

• Identify and implement opportunities to automate IT and SOX controls, reduce manual effort, and increase auditor reliance.
• Drive standardization and quality of SOX documentation, including process flows, Risk & Control Matrices (RCMs), system diagrams, and role matrices.
• Promote continuous improvement through effective use of SOX tools, GRC platforms, AI tools, and data analytics. 

1. Team Leadership & Talent Development

• Lead, coach, and mentor the in‑house SOX team, fostering technical excellence and accountability.
• Set clear performance expectations, review work quality, and develop a high‑performing compliance culture.
• Support capability building and succession planning within the SOX function. 

1. Regulatory & Industry Awareness

• Stay current with SOX, PCAOB, COSO, and IT risk management standards, including emerging focus areas (eg: AI)
• Monitor regulatory developments and proactively adapt the SOX program to meet changing expectations

Skills required:

• Strong working knowledge of ITGC, ITAC, Key data reporting testing and financial reporting SOX
• Ability to interpret and leverage SOC 1 / SOC 2 reports, including evaluation of CUECs and sub‑service organizations
• Strong working knowledge on SOX scoping for IT applications/platforms and financial reporting process
• Strong understanding of COSO Internal Control Framework and alignment of IT controls to financial reporting risks
• Solid understanding of IT environments including ERP systems, cloud platforms, dev Ops, change pipeline and cloud controls
• Proven ability to lead, coach, and manage inhouse SOX teams
• Clear, concise communication of IT and financial reporting risks and control issues to senior management and audit committee

Education Qualification required:

• CA/CPA/IT or MBA Engineering graduates/Certified Information System Auditor/ with 10 to 15 years of IT SOX experience. The candidate should also possess reasonable business SOX experience.
• In-depth expertise in the COSO framework, PCAOB standards, and IT control environments.
• Demonstrated success leading large-scale, complex SOX programs within public company settings.
• Strong ability to engage and influence senior leadership and external auditors.

Zeta Global is a data-powered marketing technology company with a heritage of innovation and industry leadership. Founded in 2007 by entrepreneur David A. Steinberg and John Sculley, former CEO of Apple Inc and Pepsi-Cola, the Company combines the industry’s 3rd largest proprietary data set (2.4B+ identities) with Artificial Intelligence to unlock consumer intent, personalize experiences and help our clients drive business growth.

Our technology runs on the Zeta Marketing Platform, which powers ‘end to end’ marketing programs for some of the world’s leading brands. With expertise encompassing all digital marketing channels – Email, Display, Social, Search and Mobile – Zeta orchestrates acquisition and engagement programs that deliver results that are scalable, repeatable and sustainable.

Zeta Global is an Equal Opportunity/Affirmative Action employer and does not discriminate on the basis of race,

gender, ancestry, color, religion, sex, age, marital status, sexual orientation, gender identity, national origin, medical condition, disability, veterans status, or any other basis protected by law.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

https://www.forbes.com/sites/shelleykohan/2024/06/1G/amazon-partners-with-zeta-global-to-deliver- gen-ai-marketing-automation/

https://www.cnbc.com/video/2024/05/06/zeta-global-ceo-david-steinberg-talks-ai-in-focus-at-milken- conference.html

https://www.businesswire.com/news/home/20240G04622808/en/Zeta-Increases-3Q%E2%80%GG24-Guidance

https://www.prnewswire.com/news-releases/zeta-global-opens-ai--data-labs-in-san-francisco-and-nyc- 300S45353.html

https://www.prnewswire.com/news-releases/zeta-global-recognized-in-enterprise-marketing-software-and-cross-channel-campaign-management-reports-by-independent-research-firm-300S38241.html