SOX Audit Program Manager

SIMON•Little Rock, AR

About The Position

It's fun to work in a company where people truly BELIEVE in what they're doing! We're committed to bringing passion and customer focus to the business. Position Summary The SOX Audit Program Manager is responsible for planning, coordinating, and executing Internal Audit’s independent testing of SOX and FDICIA internal controls over financial reporting. The position serves as the subject matter expert for SOX/ICFR within Internal Audit and provides technical oversight and review of audit work performed by other Internal Audit staff. This role does not design, own, or operate controls, nor does it perform management or first-line testing activities. The position operates exclusively within the third line of defense, providing independent assurance in accordance with the Internal Audit Charter, IIA Standards, and applicable regulatory expectations. The SOX Audit Program Manager works independently under minimal supervision, exercises significant professional judgment, and applies advanced technical and project management skills. The role includes project leadership and technical review responsibilities, but does not include direct people management, performance evaluations, or HR authority

Requirements

Advanced knowledge of SOX, FDICIA, ICFR, and the COSO framework.
Strong analytical, audit planning, and organizational skills.
Excellent written and verbal communication skills.
Strong project management and time‑management capabilities.
Ability to analyze complex processes and evaluate control design and effectiveness.
Ability to prepare clear, concise audit documentation and executive‑level reporting.
Ability to effectively present information to senior management and Audit Committee members.
High degree of professional judgment, independence, and ethical standards.
Bachelor’s or master’s degree in business administration or accounting preferred.
5+ years of progressive experience in Internal Audit, SOX compliance, or public accounting with a focus on internal controls.
Strong understanding of Internal Audit independence and third‑line responsibilities.
Familiarity with PCAOB and IIA standards related to ICFR and internal controls.
Ability to handle confidential information with discretion and professionalism

Nice To Haves

Prior experience leading or coordinating SOX 404 and/or FDICIA testing for a financial institution strongly preferred.
Banking or financial services audit experience preferred
CPA strongly preferred.
CIA or other relevant professional certifications a plus.
If CPA, must be a member in good standing with the AICPA and/or applicable state societies.

Responsibilities

Lead the planning, coordination, and execution of Internal Audit’s annual SOX 404 and FDICIA testing program, in accordance with the risk‑based audit plan approved by audit leadership.
Develop and maintain risk‑based SOX/FDICIA audit programs, including scope determination, testing strategy, and timing of interim and year‑end procedures.
Conduct and oversee process walkthroughs for in‑scope financial reporting processes to obtain audit understanding and validate management‑identified controls.
Evaluate the design and operating effectiveness of key internal controls over financial reporting, including sample selection, execution of test procedures, and documentation of results.
Review SOX testing work performed by Internal Audit staff for technical accuracy, sufficiency of evidence, and adherence to Internal Audit and COSO standards.
Coordinate SOX‑related audit activities across business units while maintaining independence and objectivity.
Anticipate and identify potential control gaps, deficiencies, or emerging risks within financial reporting processes.
Evaluate and classify control issues (control deficiencies, significant deficiencies, potential material weaknesses) and ensure findings are supported, clearly documented, and appropriately escalated.
Communicate audit progress, issues, and results to the Director of Internal Audit and Chief Audit Executive.
Prepare and review SOX audit reports, management issue writeups, and executive‑level summaries.
Present SOX audit results and internal control assessments to senior management, as requested.
Monitor and validate management’s remediation plans and perform follow‑up testing to confirm timely and effective issue resolution.
Serve as the primary Internal Audit liaison with external auditors for SOX/ICFR matters, supporting reliance on Internal Audit work where appropriate.
Ensure all SOX audit activities comply with applicable laws, regulations, professional standards, and Internal Audit policies, including completion of required compliance training.
Maintain working knowledge of banking operations, accounting standards, regulatory guidance, and emerging SOX/ICFR best practices.
Identify opportunities to improve SOX audit efficiency, methodology, documentation standards, and use of audit technology.
Pursues professional development opportunities, including external and internal training and professional association memberships and shares information gained with management.
Pursues ongoing professional development through training, continuing education, and professional certifications.
Shares technical knowledge and best practices with Internal Audit management and staff.
Assumes responsibility for learning and applying new audit tools, systems, and technologies relevant to SOX and ICFR testing.
Assists with special projects, regulatory requests, or other Internal Audit initiatives assigned by audit leadership.
Performs other duties as assigned