The Internal Audit and SOX Manager

Responsible for preparing and implementing a risk-based SOX audit plan to assess, report on, and make suggestions for improving the company’s key operational and finance activities and internal controls.

The position will have a key role in assessing the company’s compliance with the requirements of the Sarbanes-Oxley Act of 2002. This position reports to the Vice President of Internal Audit.

Job Grade

The Internal Audit and SOX Manager is a grade 8.

Market Justification: This individual will own the program management of Internal Audit and SOX programs. In the market, this type of role is equivalent to a manager level due to the level of management and influence over strategy and execution of large programs with significant impact. Based on market data there are over 100 companies that have this level with an average of two to three incumbents in the role.


  • Plan and manage all aspects of the SOX Program
  • Play a key role in annual and semiannual financial risk assessment in coordination with the Internal Audit team members
  • Create and maintain SOX-ready documentation including flow charts, control descriptions, in-scope system listing, SOC-1 reports, etc.
  • Coordinate with the control owners to identify and document control changes
  • Coordinate with internal and external auditors and co-sourcing partners for controls testing and process walkthroughs to streamline impact on the business and align test results and yield efficiencies.
  • Lead implementation of a SOX project management tool and maintain the tool going forward
  • Review, assess, and evaluate reported control deficiencies, root causes, and planned corrective actions in conjunction with business process owners.
  • Recommend continuous improvements related to the Company’s key controls
  • Lead and manage various SOX meetings, e.g., SOX working team, SOX Steering Group and other SOX meetings as required
  • Work closely with the IT and Security Compliance teams to ensure IT General Control and documentation and monitoring programs are consistent with SOX requirements.
  • Prepare materials and present SOX findings and assertions at the SOX Steering Group
  • Continuously improve the SOX program to become more efficient and effective through optimization and automation.
  • Support internal audit projects as and when required


  • Minimum of seven (7) years of experience in SOX conducting internal audits, including a minimum of three (3) years of experience in the Information Technology industry in internal/external audit preferred
  • Strong experience in project management, SOX business controls and IT General controls
  • Excellent knowledge of PCAOB and SEC requirements for a public company
  • Audit experience at a public accounting firm is considered an asset
  • Knowledge of audit methodologies and frameworks and related governance concepts, tools, techniques, and best practices
  • Undergraduate degree in Business, Accounting or Finance
  • Chartered Accountant/CPA/CIA certification preferred
  • Certified Information Systems Auditor (CISA) or Certified Fraud Examiner (CFE) designations are considered an asset
  • Excellent written and oral communication skills
  • Ability to communicate information in an understandable form to the right parts of the organization
  • Ability to work effectively in a team environment, both within Internal Audit and across other departments
  • Must be able to work in US and International time zones, when required
  • Ability to balance quality of work with speed of execution
  • Ability to use GitLab

Performance Indicators

Hiring Process

Candidates for this position can expect the hiring process to follow the order below. Please keep in mind that candidates can be declined from the position at any stage of the process. To learn more about someone who may be conducting the interview, find their job title on our team page.

  • Qualified candidates will be invited to schedule a 30 minute screening call with one of our Global Recruiters.
  • Next, candidates will be invited to schedule a first interview with our VP, Internal Audit.

Additional details about our process can be found on our hiring page.


About GitLab

GitLab Inc. is a company based on the GitLab open-source project. GitLab is a community project to which over 2,200 people worldwide have contributed. We are an active participant in this community, trying to serve its needs and lead by example. We have one vision: everyone can contribute to all digital content, and our mission is to change all creative work from read-only to read-write so that everyone can contribute.

We value results, transparency, sharing, freedom, efficiency, self-learning, frugality, collaboration, directness, kindness, diversity, inclusion and belonging, boring solutions, and quirkiness. If these values match your personality, work ethic, and personal goals, we encourage you to visit our primer to learn more. Open source is our culture, our way of life, our story, and what makes us truly unique.

Top 10 Reasons to Work for GitLab:

  1. Mission: Everyone can contribute
  2. Results: Fast growth, ambitious vision
  3. Flexible Work Hours: Plan your day so you are there for other people & have time for personal interests
  4. Transparency: Over 2,000 webpages in GitLab handbook, GitLab Unfiltered YouTube channel
  5. Iteration: Empower people to be effective & have an impact, Merge Request rate, We dogfood our own product, Directly responsible individuals
  6. Diversity, Inclusion & Belonging: A focus on gender parity, Team Member Resource Groups, other initiatives
  7. Collaboration: Kindness, saying thanks, intentionally organize informal communication, no ego
  8. Total Rewards: Competitive market rates for compensation, Equity compensation, global benefits (inclusive of office equipment)
  9. Work/Life Harmony: Flexible workday, Family and Friends days
  10. Remote Done Right: One of the world's largest all-remote companies, prolific inventor of remote best practices

See our culture page for more!

Work remotely from anywhere in the world. Curious to see what that looks like? Check out our remote manifesto and guides.