IT SOX Manager

About the position

Founded in 2011, Fulgent has evolved into a premier, full-service genomic testing company built around a foundational technology platform. Through our diverse testing menu, Fulgent is focused on transforming patient care in oncology, anatomic pathology, infectious and rare diseases, and reproductive health. We believe that by providing a wide range of effective, flexible testing options in conjunction with best-in-class service and support, we can redefine the way medicine is managed for patients and clinicians alike. Since integrating with our therapeutic development business, Fulgent is also developing drug candidates for treating a broad range of cancers using a novel nanoencapsulation and targeted therapy platform. By merging our fields of expertise, we aim to become a fully integrated precision medicine company.

Responsibilities

• Manage and direct the work streams related to IT SOX compliance, including IT General Controls (ITGC), Segregation of Duties (SOD) controls, and application controls.
• Develop and oversee the Software Development Life Cycle (SDLC) program for the SOX system implementations to ensure appropriate IT controls are in place before system go-live.
• Collaborate with SOX process teams, external auditors, management, and other testing groups to address key risks effectively and ensure compliance.
• Coordinate and facilitate the PBC requests for tests of design (ToD) and tests of operating effectiveness (ToE) overall IT systems.
• Coordinate IT SOX walkthroughs, ensuring clear communication, appropriate supporting documentation, and alignment among all stakeholders.
• Collaborate with internal and external auditors to facilitate SOX audits and ensure timely completion.
• Review control evidence for adherence to accuracy, completeness and precision of control execution for all ITGC including control gaps and findings identified by management.
• Review test findings, assist developing remediation action plans, facilitate the remediation of ITGC and IT Automated/Application (ITAC) control gaps.
• Participate in systems upgrades, integrations and enhancements, as necessary, to review that internal controls over financial reporting are adequately identified and addressed.
• Lead the report drafting process including framing of audit observations within the relevant business context.
• Demonstrate strong technical skills and understanding of key security, privacy, agile engineering practices, in-depth SOX compliance knowledge.
• Stay current with industry best practices, regulatory changes, and emerging trends in IT compliance.
• Assist IT Business partners with user access reviews and SOC report assessments, providing guidance for compliance with corporate standards.
• Develop and deliver training programs for control owners and stakeholders to support understanding of SOX requirements.

Requirements

• 7+ years of progressive internal SOX audit experience in healthcare, either Big 4 public accounting and/or in industry, including at least 3-5 years of supervisory responsibility.
• Bachelor's or Master's degree in a relevant discipline (e.g. Computer Science) or equivalent experience.
• CISA, CISM and/or CISSP certifications preferred.
• Deep Expertise in Global Risk and Compliance: Comprehensive understanding of SOX global risk and compliance frameworks, standards, and best practices.
• Proven Leadership in Risk Mitigation: Demonstrated success in leading risk mitigation initiatives and managing cross-functional projects.
• SOX Framework Mastery: Thorough understanding of the SOX framework, including IT General Controls (ITGCs), IT Automated Controls, Segregation of Duties (SOD), Key Reports.
• Technical Proficiency in ITGC Testing: Hands-on experience in assessing the design and operating effectiveness of ITGCs.
• Analytical and Problem-Solving Skills: Ability to assess complex systems, identify control gaps, and propose innovative solutions.
• Exceptional Collaboration and Communication Skills: Strong interpersonal skills to effectively work within a fast-paced team environment.
• Strategic Vision: Capability to identify opportunities for process improvement and proactively drive initiatives.
• Technical Acumen: Familiarity with homegrown enterprise systems and experience with audit and compliance tools is a plus.
• Adaptability in Dynamic Environments: Thrives in high-pressure, rapidly evolving settings.

Nice-to-haves

• Industry certifications such as CISA, CRISC, CISSP, or equivalent credentials are highly desirable.

Benefits

• Equal Employment Opportunity Employer
• Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions.