Senior Manager, IT (SOX) Compliance & Systems

Remote
United States
Posted 3 weeks ago

An opportunity is available for a Senior Manager, IT (SOX) Compliance & Systems at CG Oncology, Inc., a rapidly growing, publicly traded biopharmaceutical company focused on developing novel immunotherapies for bladder cancer. This leader will drive the organization’s IT SOX compliance program while also overseeing core system administration and IT operations.

This is a full-time, fully remote position in the United States. The pay range is $153,000 – $180,000 USD per year, plus competitive equity, bonuses, and unlimited flexible time off.


Role Summary and Compliance/Operations Dual Mandate

This Senior Manager is the central figure for maintaining IT General Controls (ITGC) compliance and operational excellence. The role requires a strong partnership with Finance and Audit teams to ensure regulatory alignment for a publicly traded company while simultaneously managing day-to-day IT systems administration.

Essential Functions

  • IT SOX/ITGC Leadership: Lead the IT SOX compliance program, including ITGC design, implementation, documentation, and testing. Develop and maintain IT compliance policies, procedures, and control documentation consistent with regulatory requirements and industry best practices.
  • Audit Coordination: Partner with Finance and Internal Audit to ensure IT controls align with overall SOX requirements. Coordinate ITGC testing with auditors, managing requests, walkthroughs, and evidence collection.
  • System Administration & Operations: Oversee issue management processes (troubleshooting, root cause analysis, escalation) for IT systems. Perform general system administration and maintenance (user account provisioning, patching, performance monitoring).
  • Control Management: Oversee system access reviews, change management controls, segregation of duties, and IT operations monitoring.
  • Remediation & Improvement: Identify control deficiencies, perform root cause analysis, and develop effective remediation plans. Drive continuous improvement in control effectiveness, efficiency, and automation.
  • Training & Culture: Provide training and guidance to IT and business partners on SOX requirements and promote a culture of compliance through awareness programs.

Required Experience and Technical Qualifications

The ideal candidate is an IT audit or risk veteran, preferably with hands-on experience in the biotech/healthcare sector and deep functional knowledge of financial systems and SOX frameworks.

  • Experience (Required):
    • 7+ combined years of IT audit, IT risk, or IT compliance experience in a public company, Big Four, or biotech/healthcare environment.
    • OR hands-on experience administering and supporting financial systems (e.g., NetSuite, Coupa, JDE) in a financial control setting.
  • Compliance Expertise: Strong knowledge of SOX requirements, IT General Controls (ITGC), and IT risk frameworks (COBIT, COSO, NIST). Demonstrated expertise in SOX 404 testing and compliance, preferably in the biotech, pharmaceutical, or life sciences industry.
  • System Knowledge: Experience managing IT compliance programs across regulated enterprise applications (e.g., Rippling, FloQast). Knowledge of various IT systems relevant to financial reporting.
  • Financial Acumen: Strong understanding of financial processes (P2P, O2C, GL) and their impact on IT controls. Strong knowledge of GAAP, COSO framework, and relevant auditing standards.
  • Cloud & Administration: Familiarity with cloud-based infrastructure (e.g., Azure) and associated control environments. Ability to manage system integrations, upgrades, and maintenance for financial applications.
  • Education & Certifications: Bachelor’s degree required. Professional certifications such as CISA, CISSP, or CIA are preferred.

Job Features

Job Category: Information Technology
