✦ Luna Orbit — Legal & Compliance

Manager, Corporate IT SOX Audit

at CVS Health

Unknown 💰 $66K – $145K USD / year Posted April 15, 2026
Apply Now → ← Browse All Jobs

Position Details

Salary $66K – $145K USD / year
Type Full-Time
Experience mid
Exp. Years 5+ years
Education Bachelor's degree or equivalent experience
Category Legal & Compliance

About this role

Lead CVS Health’s Corporate IT SOX compliance program by managing IT SOX audit projects and teams. You will test IT General Controls, identify control gaps, and communicate audit results and improvements to leadership.

Key Responsibilities

  • Lead multiple IT SOX and technology audit projects
  • Test and assess IT General Controls (ITGCs)
  • Document IT processes, workflows, and data flows
  • Identify control gaps and recommend practical improvements
  • Educate stakeholders on risks and control effectiveness

Technical Overview

This role focuses on IT SOX compliance activities including testing IT General Controls (ITGCs), documenting IT processes, workflows, and data flows, evaluating SOC reports and other compliance requirements, and coordinating with internal leaders and external auditors. It also requires familiarity with control and security frameworks and regulations such as NIST, COBIT, ISO 27001, HITRUST, PCI DSS, HIPAA, GDPR, and CCPA as well as eGRC tools.

Ideal Candidate

The ideal candidate is an IT SOX audit professional with 5+ years of experience leading IT SOX compliance and technology audit projects. They have hands-on experience testing IT General Controls (ITGCs), documenting IT processes and data flows, and delivering audit results to leadership while strengthening the SOX program. Strong knowledge of SOX and financial reporting controls (plus familiarity with NIST, COBIT, ISO 27001, HITRUST, PCI DSS, HIPAA, GDPR, and CCPA) is highly valued.

Must-Have Skills

IT SOX auditSOX complianceStrong communicationproblem-solvingcritical thinkingStrong collaborationhigh attention to detailSolid understanding of IT riskscontrolsand processesWillingness to travel up to 10%Bachelor's degree or equivalent experience

Nice-to-Have Skills

Strong knowledge of SOX and financial reporting controlsmanaging audit work with internal and external partnersExperience leading technology audit projectsStrong program and project management skillsIndustry experience in HealthcareInsuranceor Retailknowledge of cloudKnowledge of cybersecurityKnowledge of data protectionKnowledge of IT operationsFamiliarity with frameworks and regulations such as NISTCOBITISO 27001HITRUSTPCI DSSHIPAAGDPRCCPAFamiliarity with eGRC tools

Tools & Platforms

NISTCOBITISO 27001HITRUSTPCI DSSHIPAAGDPRCCPAeGRC toolsSOC reportsSOX

Required Skills

IT SOX auditSOX complianceIT General Controls (ITGCs)SOC reportsaudit scopeaudit timelinesstaffingrisk and control effectivenessNISTCOBITISO 27001HITRUSTPCI DSSHIPAAGDPRCCPAeGRC toolstechnology audit projectsCPACIACISA

Hard Skills

IT SOX auditSOX complianceIT audit project managementaudit scope planningaudit timelinesstaffingaudit coachingSenior Auditorstechnology audit projectsinternal auditIT General Controls (ITGCs)testing IT General Controlsprocess documentationworkflow documentationdata flow documentationcontrol gaps identificationrisk and control effectiveness educationSOC reportsIT risksIT controlsIT processescompliance requirements evaluationSOX program strengtheningexternal auditors coordinationcloudcybersecuritydata protectionIT operationsNISTCOBITISO 27001HITRUSTPCI DSSHIPAAGDPRCCPAeGRC toolsSOX and financial reporting controls

Soft Skills

communicationproblem-solvingcritical thinkingability to work effectively with all levels of the organizationcollaborationability to work independentlyattention to detailprofessionalismleadershipintegrityethical behaviorrespect for diversityteam collaborationstakeholder education

Certifications

Preferred

CPACertified Public Accountant (CPA)CIACertified Internal Auditor (CIA)CISACertified Information Systems Auditor (CISA)

Industry & Role

Industry Healthcare IT
Job Function Manage and execute the Corporate IT SOX audit and compliance program.
Role Subtype Compliance Officer

Keywords for Your Resume

ManagerCorporate IT SOX AuditIT SOX auditSOX complianceIT General Controls (ITGCs)SOC reportsaudit scopeaudit timelinesstaffingSenior Auditorstechnology audit projectsrisk and control effectivenesscontrol gapsNISTCOBITISO 27001HITRUSTPCI DSSHIPAAGDPRCCPAeGRC toolsCPACIACISA

Deal Breakers

Less than 5 years of experience in IT SOX audit, compliance, or risk, Not willing to travel up to 10%

Apply for this Position →

Get matched to jobs like this

Luna finds roles that fit your skills and career goals — no endless scrolling required.

Create a Free Profile