Staff Internal Audit & SOX Compliance Analyst

The Staff Internal Audit & SOX Compliance Analyst is responsible for preparing and implementing a risk-based audit plan to assess, report on, and make suggestions for improving the company’s key operational, finance, and internal controls, with a specialty in IT risk and security.

The position is additionally responsible for identifying and assisting in documenting existing internal controls, new internal controls, and establishing an internal monitoring function to audit the company’s compliance with such internal controls. The position will have a key role in assessing and providing recommendations on the company’s compliance with the requirements of the Sarbanes-Oxley Act of 2002 (SOX), and on the treatment of IT and security risks.

The Staff Internal Audit & SOX Compliance Analyst reports to the Senior Internal Audit Manager, IT and Security.

Job Grade

The Staff Internal Audit & SOX Compliance Analyst is a grade 8.


  • Lead end to end walkthroughs to identify risks, control gaps, and improvement opportunities
  • Contributes to the overall direction of the department through expertise in audit and compliance activities, and partnership with leadership in decision making
  • Design, execute and complete testing of the design and operating effectiveness of SOX business process and IT controls, including entity and process level controls, IT general and application controls and SOC report reviews
  • Improve SOX documentation and work papers (i.e. work with process owners to refine risk control matrix, improve process flows, refine / develop test procedures, propose control language and associated risks etc.)
  • Assist and make recommendations in evaluation of new processes, policies and systems to determine relevance to and impact on the SOX program, including assessing design of controls based on identified risks
  • Evaluate audit findings and coordinate remediation of deficiencies
  • Manage and/or contribute to special projects both on-going and recurring (e.g., scaling controls, segregation of duties, implementation - support/advisory), as needed, in an effective and efficient manner
  • Provide guidance to and mentor interns and junior SOX testers or audit staff


  • Excellent verbal and written communication skills with the ability to interact effectively with all levels of management
  • Demonstrated problem-solving abilities with customer service orientation
  • Self-starter and flexible team player
  • Ability to work in a fast-paced environment with changing processes and procedures
  • Strong project management abilities
  • Must have advanced SOX compliance experience and be knowledgeable with the following financial cycles: Record to Report, Order to Cash, Hire to Retire, Procure to Pay, and ITGCs
  • Comprehension of internal auditing standards, SOX, COSO and risk-assessment practices.
  • Must be able to work during US time zones, mainly Pacific and Eastern, with an overlap of at least 4 hours
  • Degree in Accounting, Business or Finance required
  • Technical auditing skills and corporate-level audit experience required
  • 5+ years of experience in SOX/internal audit preferred, of which at least 3 years of SOX experience required
  • CA/CPA/CIA certification preferred
  • CISA/CISSP/IT Audit certification preferred
  • Ability to use GitLab

Performance Indicators

Career Ladder

The next step in the Senior SOX Compliance Analyst job family is to move to the Manager, Internal Audit and SOX job family.

Hiring Process

Candidates for this position can expect the hiring process to follow the order below. Please keep in mind that candidates can be declined from the position at any stage of the process. To learn more about someone who may be conducting the interview, find their job title on our team page.

  • Qualified candidates will be invited to schedule a 30 minute screening call with one of our Global Recruiters.
  • Next, candidates will be invited to schedule a first interview with our VP, Internal Audit.

Additional details about our process can be found on our hiring page.


About GitLab

GitLab Inc. is a company based on the GitLab open-source project. GitLab is a community project to which over 2,200 people worldwide have contributed. We are an active participant in this community, trying to serve its needs and lead by example. We have one vision: everyone can contribute to all digital content, and our mission is to change all creative work from read-only to read-write so that everyone can contribute.

We value results, transparency, sharing, freedom, efficiency, self-learning, frugality, collaboration, directness, kindness, diversity, inclusion and belonging, boring solutions, and quirkiness. If these values match your personality, work ethic, and personal goals, we encourage you to visit our primer to learn more. Open source is our culture, our way of life, our story, and what makes us truly unique.

Top 10 Reasons to Work for GitLab:

  1. Mission: Everyone can contribute
  2. Results: Fast growth, ambitious vision
  3. Flexible Work Hours: Plan your day so you are there for other people & have time for personal interests
  4. Transparency: Over 2,000 webpages in GitLab handbook, GitLab Unfiltered YouTube channel
  5. Iteration: Empower people to be effective & have an impact, Merge Request rate, We dogfood our own product, Directly responsible individuals
  6. Diversity, Inclusion & Belonging: A focus on gender parity, Team Member Resource Groups, other initiatives
  7. Collaboration: Kindness, saying thanks, intentionally organize informal communication, no ego
  8. Total Rewards: Competitive market rates for compensation, Equity compensation, global benefits (inclusive of office equipment)
  9. Work/Life Harmony: Flexible workday, Family and Friends days
  10. Remote Done Right: One of the world's largest all-remote companies, prolific inventor of remote best practices

See our culture page for more!

Work remotely from anywhere in the world. Curious to see what that looks like? Check out our remote manifesto and guides.

Last modified October 31, 2023: Update links for all migrated sections (5f71f5a9)