Job Details
Manager, SOX Compliance
We're building a world of health around every individual - shaping a more connected, convenient and compassionate health experience. At CVS Health®, you'll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger - helping to simplify health care one person, one family and one community at a time.
**Job Summary**
A leading enterprise technology organization is seeking a highly skilled Manager, SOX Compliance to advance and mature its Technology Compliance function. This role requires strong technical acumen, including experience with AI?driven controls monitoring, Identity and Access Management (IAM), automation tools, and new system implementations. The Manager will drive both strategic oversight and hands?on execution of SOX ITGC compliance activities across the enterprise's digital platforms and evolving technology ecosystem.
The Manager, SOX Compliance will act as a key liaison between internal technology teams, business partners, system owners, and external auditors. They will oversee the integrity and efficiency of SOX testing processes, evaluate evidence for completeness and accuracy, and leverage automation and intelligent tooling to streamline control testing and reporting. The role includes assessing IAM practices, monitoring access provisioning controls, and ensuring appropriate governance across both legacy and modern cloud environments.
This leader will also provide guidance on technology?driven remediation efforts, influence the design of controls for new applications and system implementations, and partner with engineering teams to embed compliance requirements early in the development lifecycle. This is a critical role in ensuring a stable, well?controlled environment that supports financial, operational, and regulatory objectives while enabling innovation and digital transformation.
Key Responsibilities:
+ Lead and execute ITGC testing activities, with emphasis on access management, user provisioning and termination processes, and change management controls.
+ Validate and assess audit evidence to ensure completeness, accuracy, and proper traceability to system?of?record sources (IPE validation).
+ Collaborate with subject matter experts to resolve audit discrepancies, including missing documentation, unclear access histories, and process gaps.
+ Participate in system scoping assessments to understand data flows across claims, operational, and financial control systems.
+ Serve as a first?level reviewer of audit evidence, control narratives, and remediation summaries prior to escalation to leadership or external auditors.
+ Provide guidance and education to control owners on SOX expectations, documentation requirements, and audit readiness.
+ Partner closely with internal audit, legal, risk management, and IT teams to ensure alignment and consistency in audit execution.
+ Manage requests within AuditBoard and ensure timely, accurate responses from business units and technical teams.
+ Monitor, track, and report status of findings, remediation efforts, and stakeholder deliverables.
+ Build and maintain strong relationships across business units to strengthen control awareness and foster a positive compliance culture.
+ Use JIRA to track and manage daily compliance activities, workflow, and issue resolution.
**Required Qualifications**
+ 5+ years of experience in SOX compliance, ITGC testing, or technology audit.
+ 3+ years of direct experience working with the SOX Compliance Framework.
+ 3+ years collaborating with cross?functional teams in complex corporate or regulated environments.
+ 1+ year of experience performing system traceability assessments and IPE testing.
**Preferred Qualifications**
+ Deep understanding of SOX 404 requirements, ITGC domains, and audit methodologies.
+ Familiarity with relevant industry frameworks, including NIST, ISO, HITRUST, HIPAA, and PCI.
+ Strong analytical, troubleshooting, communication, and documentation skills.
+ Experience with claims systems or healthcare?related control environments.
+ Professional certifications such as CISA, CRISC, CISM, or CGEIT.
+ Industry experience in healthcare, retail, or insurance.
**Education**
+ Bachelor's degree or equivalent experience (High School Diploma and 4 years of relevant experience).
**Anticipated Weekly Hours**
40
**Time Type**
Full time
**Pay Range**
The typical pay range for this role is:
$83,430.00 - $222,480.00
This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above.
Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.
**Great benefits for great people**
We take pride in our comprehensive and competitive mix of pay and benefits - investing in the physical, emotional and financial wellness of our colleagues and their families to help them be the healthiest they can be. In addition to our competitive wages, our great benefits include:
+ **Affordable medical plan options,** a **401(k) plan** (including matching company contributions), and an **employee stock purchase plan** .
+ **No-cost programs for all colleagues** including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
+ **Benefit solutions that address the different needs and preferences of our colleagues** including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.
For more information, visit https://jobs.cvshealth.com/us/en/benefits
We anticipate the application window for this opening will close on: 02/16/2026
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.
CVS Health is an equal opportunity/affirmative action employer, including Disability/Protected Veteran - committed to diversity in the workplace.
**Job Summary**
A leading enterprise technology organization is seeking a highly skilled Manager, SOX Compliance to advance and mature its Technology Compliance function. This role requires strong technical acumen, including experience with AI?driven controls monitoring, Identity and Access Management (IAM), automation tools, and new system implementations. The Manager will drive both strategic oversight and hands?on execution of SOX ITGC compliance activities across the enterprise's digital platforms and evolving technology ecosystem.
The Manager, SOX Compliance will act as a key liaison between internal technology teams, business partners, system owners, and external auditors. They will oversee the integrity and efficiency of SOX testing processes, evaluate evidence for completeness and accuracy, and leverage automation and intelligent tooling to streamline control testing and reporting. The role includes assessing IAM practices, monitoring access provisioning controls, and ensuring appropriate governance across both legacy and modern cloud environments.
This leader will also provide guidance on technology?driven remediation efforts, influence the design of controls for new applications and system implementations, and partner with engineering teams to embed compliance requirements early in the development lifecycle. This is a critical role in ensuring a stable, well?controlled environment that supports financial, operational, and regulatory objectives while enabling innovation and digital transformation.
Key Responsibilities:
+ Lead and execute ITGC testing activities, with emphasis on access management, user provisioning and termination processes, and change management controls.
+ Validate and assess audit evidence to ensure completeness, accuracy, and proper traceability to system?of?record sources (IPE validation).
+ Collaborate with subject matter experts to resolve audit discrepancies, including missing documentation, unclear access histories, and process gaps.
+ Participate in system scoping assessments to understand data flows across claims, operational, and financial control systems.
+ Serve as a first?level reviewer of audit evidence, control narratives, and remediation summaries prior to escalation to leadership or external auditors.
+ Provide guidance and education to control owners on SOX expectations, documentation requirements, and audit readiness.
+ Partner closely with internal audit, legal, risk management, and IT teams to ensure alignment and consistency in audit execution.
+ Manage requests within AuditBoard and ensure timely, accurate responses from business units and technical teams.
+ Monitor, track, and report status of findings, remediation efforts, and stakeholder deliverables.
+ Build and maintain strong relationships across business units to strengthen control awareness and foster a positive compliance culture.
+ Use JIRA to track and manage daily compliance activities, workflow, and issue resolution.
**Required Qualifications**
+ 5+ years of experience in SOX compliance, ITGC testing, or technology audit.
+ 3+ years of direct experience working with the SOX Compliance Framework.
+ 3+ years collaborating with cross?functional teams in complex corporate or regulated environments.
+ 1+ year of experience performing system traceability assessments and IPE testing.
**Preferred Qualifications**
+ Deep understanding of SOX 404 requirements, ITGC domains, and audit methodologies.
+ Familiarity with relevant industry frameworks, including NIST, ISO, HITRUST, HIPAA, and PCI.
+ Strong analytical, troubleshooting, communication, and documentation skills.
+ Experience with claims systems or healthcare?related control environments.
+ Professional certifications such as CISA, CRISC, CISM, or CGEIT.
+ Industry experience in healthcare, retail, or insurance.
**Education**
+ Bachelor's degree or equivalent experience (High School Diploma and 4 years of relevant experience).
**Anticipated Weekly Hours**
40
**Time Type**
Full time
**Pay Range**
The typical pay range for this role is:
$83,430.00 - $222,480.00
This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above.
Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.
**Great benefits for great people**
We take pride in our comprehensive and competitive mix of pay and benefits - investing in the physical, emotional and financial wellness of our colleagues and their families to help them be the healthiest they can be. In addition to our competitive wages, our great benefits include:
+ **Affordable medical plan options,** a **401(k) plan** (including matching company contributions), and an **employee stock purchase plan** .
+ **No-cost programs for all colleagues** including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
+ **Benefit solutions that address the different needs and preferences of our colleagues** including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.
For more information, visit https://jobs.cvshealth.com/us/en/benefits
We anticipate the application window for this opening will close on: 02/16/2026
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.
CVS Health is an equal opportunity/affirmative action employer, including Disability/Protected Veteran - committed to diversity in the workplace.
Job #NLX287752731