
Senior Manager, SOX and SOC Controls Governance

United States · Employment contract · 67900.00 - 199144.00 USD / Year · Job Posted November 08, 2025

Job offer has expired


Job Description

Fast-paced healthcare provider support role intended to foster a positive provider experience by supporting the end-to-end process of defining and supporting SOC and SOX controls through collaborating with cross-functional teams. This position will support network across all lines of business at CVS Health.

Job Responsibility

  • Understanding business operations to identify gaps and areas where new controls are required
  • Facilitation of business process and control documentation, including developing new controls and ensuring controls are designed appropriately to effectively manage risk
  • Identify and proactively notify all impacted areas of control changes that may require enhancements, process changes, or other updates
  • Partner with stakeholders to continuously evaluate and recommend opportunities to reduce risk, strengthen the internal control environment, and introduce operational efficiencies
  • Independently collect facts, utilize strong analytical capabilities to recommend appropriate actions on complex matters, and effectively communicate status and results
  • Accountable for all steps within the life cycle of control testing including conducting walkthroughs with Internal and External auditors, maintaining Information Provided by Entity (IPE) and providing documentation as needed when audit selections are made
  • Responsible for monthly and bi-annual controls review, including audits of Provider Tab and Rate Wizard transactions, Fee Schedule, and Rate Load Tracking Database audits
  • Support audits out of QNXT and PRMS systems to support Medicaid SOC and SOX controls
  • Coordinate with applicable reporting areas as needed to ensure reports are generated timely and are continuously reviewed for process efficiencies
  • Must be able to effectively prioritize and review the status of assigned work to track progress and manage towards business objectives and compliance due dates
  • May be asked to support other projects as needed based on business need

Requirements

  • 5+ years compliance and/or audit experience in SOC and SOX controls
  • 5+ years of project management experience
  • Health insurance industry experience
  • Strong communication, critical thinking, problem resolution and interpersonal skills with proven ability to influence and collaborate with providers and internal partners at all levels
  • Excellent analytical and problem-solving abilities
  • Ability to work independently and manage multiple priorities
  • Detail-oriented with a high level of integrity and professionalism
  • Bachelor's degree preferred / specialized training / relevant professional qualifications

Nice to have

  • Advanced working knowledge of business systems, applications, and tools supporting network management, contracting, and provider data systems
  • Experience in related business environment with exposure to provider data, processes, etc.

What we offer

  • Affordable medical plan options
  • 401(k) plan with matching company contributions
  • Employee stock purchase plan
  • No-cost wellness screenings
  • Tobacco cessation and weight management programs
  • Confidential counseling and financial coaching
  • Paid time off
  • Flexible work schedules
  • Family leave
  • Dependent care resources
  • Colleague assistance programs
  • Tuition assistance
  • Retiree medical access
  • CVS Health bonus, commission or short-term incentive program
  • Company equity award program


Similar Jobs for Senior Manager, SOX and SOC Controls Governance

8 matching positions

Process Improvement, Knowledge, & Enterprise Risk Management Task Lead

Implement and execute a process improvement program that continuously identifies...
Location: United States, Washington, DC
Salary: Not provided
Talent Acquisition Concepts
Expiration Date: Until further notice
Requirements
  • A current, active SECRET Clearance
  • A bachelor's degree in computer science or a related field
  • 5+ years of total work experience in IT governance, risk management, audit, compliance, business continuity plan management, or other related information security domains
  • 3+ years managing cross-functional teams and influencing senior-level management and stakeholders
  • Previous experience obtaining and maintaining compliance certifications/attestations for at least one of the following: PCI-DSS, Sarbanes-Oxley (SOX), or SOC 2 compliance
  • Strong understanding of PCI-DSS, NIST CSF, and COBIT frameworks
  • Advanced comprehension of security and risk best practices and industry standards from a business, technical, and operational perspective
  • Proven experience leading and developing staff members
  • Ability to maintain the highest level of confidentiality
  • Excellent organizational skills with a proven ability to manage multiple projects simultaneously
Job Responsibility
  • Continuously monitor SDLC related processes and provide CST insight into any areas that may require special attention
  • Make recommendations for process improvements and develop target-state process designs, develop implementation plans/roadmaps, and continually revise and report on process efficiencies and redundancies
  • Develop and deliver updated process, policy and procedures documents
  • Support CST’s Annual Statement of Assurance process documentation requirements
  • Conduct and document process evaluations against established performance metrics, recommend corrective actions, and conduct lessons-learned sessions
  • Support the Government in monitoring project teams for adherence to policies and procedures
  • Perform all other Process Improvement activities as directed by the COR/GTM
  • Review CST’s current Knowledge Management processes and Systems, including SharePoint, as well as review existing knowledge management documentation with the view to making improvements
  • Provide support for SharePoint as a Knowledge Management tool. This shall include maintenance of SharePoint sites and repository/document management activities
  • Recommend improvements to CST’s Knowledge Management systems and develop and maintain related Knowledge Management Policies and Procedures documents
What we offer
  • health, dental, and vision coverage
  • a retirement plan
  • a profit-sharing/bonus plan
  • Paid Time Off
  • holidays
  • sick days
  • a fun, creative work environment
  • Fulltime

Internal Controls & Compliance Analyst

Our client is seeking experienced Controls Testing candidates to support a growi...
Location: United States, Tampa
Salary: Not provided
Robert Half
Expiration Date: Until further notice
Requirements
  • Experience in SOX or SOC testing and operational controls testing
  • Background in controls testing within banking, capital markets, or financial services
  • Understanding of operational controls such as reconciliations, payments, and fund transfer processes
  • Strong reading, writing, and verbal communication skills
  • Proven ability to manage multiple priorities and work across teams
  • Strong stakeholder management skills
Job Responsibility
  • Perform control testing across operational processes to assess control design and effectiveness
  • Develop, execute, and document testing scripts, test plans, and results
  • Evaluate controls related to: Reconciliations, NFA checks, Fund transfers and Payment controls
  • Identify control gaps, breaks, and exceptions, and escalate findings appropriately
  • Support governance and committee reporting related to control issues and aging breaks
  • Maintain high-quality documentation and reporting standards
  • Participate in calls with stakeholders and senior partners as needed
What we offer
  • Medical, vision, dental, and life and disability insurance
  • 401(k) plan

Accounting, Governance, and Controls, Senior Manager

As an Accounting, Governance, and Controls - Senior Manager, you’ll ensure Elise...
Location: United States, New York City
Salary: 150000.00 - 200000.00 USD / Year
EliseAI
Expiration Date: Until further notice
Requirements
  • 5–7 years of total experience
  • 3-4+ years in accounting, internal audit, or controllership (Big 4 or top-tier accounting advisory or multi-family property management preferred)
  • Solid grounding in core accounting (US GAAP) knowledge and processes
  • Clear, concise communicator able to influence cross-functional teams and present to senior leadership, auditors, and external clients
  • Willingness to work in person at our NYC headquarters 4–5 days per week
Job Responsibility
  • Own the internal controls framework – Design, document, and maintain SOX 404 and SOC 1 Type II controls (business, ITGC, and automated) that scale with our business and platform
  • Embed safeguards in system workflows – Partner with engineering and product to translate requirements (e.g., role-based access, audit trails) into implementation
  • Lead AI governance initiatives – Draft and enforce model-oversight, data-provenance, and ethics policies alongside Legal and Security teams
  • Provide accounting expertise – Guide engineering teams to ensure sound product and operating decisions
  • Continuous improvement – Monitor regulatory changes and industry best practices, refreshing frameworks proactively
What we offer
  • Equity in the company
  • Medical, Dental and Vision premiums covered at 100%
  • Fully paid parental leave
  • Commuter benefits
  • 401k benefits
  • Monthly fitness stipend
  • A collaborative in-office environment with an open floor plan, fully stocked kitchen, and company-paid lunch
  • Fun company social events through our Elise and the City program
  • Unlimited vacation and paid holidays
  • Relocation packages
  • Fulltime

Senior Manager, SOX

We are looking for an experienced Senior Manager, SOX to lead a scalable interna...
Location: United States, New York
Salary: Not provided
Robert Half
Expiration Date: Until further notice
Requirements
  • 5+ years of experience in SOX compliance, internal audit, internal controls, or a closely related field
  • Demonstrated expertise in control testing and evaluating the effectiveness of financial and operational controls
  • Strong understanding of U.S. GAAP and its connection to financial reporting risk and compliance obligations
  • Background in public accounting or experience with a Big 4 accounting firm is strongly preferred
  • CPA designation preferred or equivalent depth of accounting and audit knowledge
  • Proven ability to work effectively with senior stakeholders and cross-functional teams in a fast-paced environment
  • Experience building, managing, or improving control frameworks for complex business and technology environments
Job Responsibility
  • Lead the development, documentation, and ongoing enhancement of the internal control framework covering business processes, technology controls, and automated activities
  • Oversee programs related to Section 404 compliance and SOC 1 Type II readiness, ensuring controls are designed to support operational growth and regulatory expectations
  • Partner with cross-functional teams to evaluate risks, refine control processes, and embed effective compliance practices into day-to-day operations
  • Advise leadership on control environment priorities, audit readiness, and remediation strategies to address identified gaps
  • Direct control testing activities and review results to confirm operating effectiveness and consistency across key processes
  • Coordinate with internal and external auditors to support walkthroughs, evidence requests, issue resolution, and reporting deliverables
  • Apply strong accounting knowledge to assess the impact of business activities on financial reporting controls and compliance requirements
  • Drive continuous improvement initiatives within the compliance program, including updates to documentation, policies, and governance practices
What we offer
  • medical, vision, dental, and life and disability insurance
  • enrollment in company 401(k) plan
  • Fulltime

Director of Technology - Governance, Risk, and Compliance

We are seeking a Director of Technology - Governance, Risk, and Compliance to de...
Location: United States, San Jose
Salary: 219000.00 - 290000.00 USD / Year
Archer Aviation
Expiration Date: Until further notice
Requirements
  • 8 plus years of experience in Technical Governance, Risk, and Compliance, Risk Management, Audit, or Information Security
  • Minimum of 3 years in a director or senior manager role leading a GRC function or compliance program
  • Expert-level understanding of NIST CSF, SP 800-171, and CMMC Level 2 frameworks
  • Hands-on experience managing NIST CSF, 800-171 compliance programs or leading CMMC Level 2 assessments and certification initiatives
  • Strong knowledge of SOX Section 404 requirements, particularly IT General Controls (ITGC)
  • Deep understanding of ITAR and EAR export control regulations
  • Proficiency in risk management methodologies
  • Experience designing and operating control frameworks (ISO 27001, NIST CSF, SOC 2 Type II)
  • Strong communication skills to present complex compliance and risk concepts
  • Demonstrated ability to lead and mentor teams, manage budgets, and drive cross-functional initiatives
Job Responsibility
  • Develop and execute a comprehensive Cyber-focused Governance, Risk, and Compliance (GRC) strategy
  • Lead the design and implementation of System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms)
  • Establish and manage an enterprise-wide risk management program
  • Design and enforce a control framework
  • Conduct or coordinate regular compliance assessments and internal audits
  • Manage relationships with external auditors, assessors, and regulators
  • Develop and maintain comprehensive compliance documentation
  • Lead the design of third-party and vendor risk management processes
  • Drive compliance training and awareness programs across the organization
  • Stay current with emerging regulatory changes
  • Fulltime

Senior IT Auditor

We are seeking an experienced Senior IT Auditor with active CISSP and CISA certi...
Location: United States, Fort Lauderdale
Salary: Not provided
Robert Half
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field
  • Active CISSP and CISA certifications (both required)
  • 5–8+ years of IT audit experience (Big 4 or large corporate internal audit preferred)
  • Hands-on experience auditing: cloud platforms (AWS, Azure, GCP); ERP systems (SAP S/4HANA, Oracle EBS/Fusion); cybersecurity frameworks (NIST CSF, CIS Controls, ISO 27001); ITGCs, automated controls, and segregation of duties (SoD)
  • Expertise in SOX 404 compliance and PCAOB audit standards
  • Advanced knowledge of COBIT, ITIL, NIST 800-53, and CIS benchmarks
  • Proficient in audit tools: TeamMate+, AuditBoard, Diligent, Workiva, or Alessa.
Job Responsibility
  • Lead end-to-end IT audits including planning, scoping, fieldwork, testing (design & operating effectiveness), and reporting for SOX 404, SOC 2, ISO 27001, NIST, and internal risk-based audits
  • Evaluate ITGCs across ERP systems (SAP, Oracle, NetSuite), cloud environments (AWS, Azure, GCP), Active Directory, databases, and network infrastructure
  • Perform integrated audits combining financial, operational, and IT controls with cross-functional audit teams
  • Assess cybersecurity controls (identity/access management, encryption, vulnerability management, incident response, zero trust architecture)
  • Conduct third-party risk assessments and review vendor SOC reports, contracts, and SLA compliance
  • Identify control gaps, quantify risk, and draft actionable, prioritized recommendations
  • Present audit findings and remediation plans to C-suite, Audit Committee, and Board-level stakeholders
  • Mentor junior auditors and co-source resources
  • Review workpapers for quality and completeness
  • Stay ahead of emerging risks: AI/ML governance, quantum computing threats, ransomware frameworks, and GenAI security
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan

Senior IT Auditor

We are seeking an experienced Senior IT Auditor with active CISSP and CISA certi...
Location: United States, Boca Raton
Salary: Not provided
Robert Half
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field
  • Active CISSP and CISA certifications (both required)
  • 5–8+ years of IT audit experience (Big 4 or large corporate internal audit preferred)
  • Hands-on experience auditing: cloud platforms (AWS, Azure, GCP); ERP systems (SAP S/4HANA, Oracle EBS/Fusion); cybersecurity frameworks (NIST CSF, CIS Controls, ISO 27001); ITGCs, automated controls, and segregation of duties (SoD)
  • Expertise in SOX 404 compliance and PCAOB audit standards
  • Advanced knowledge of COBIT, ITIL, NIST 800-53, and CIS benchmarks
  • Proficient in audit tools: TeamMate+, AuditBoard, Diligent, Workiva, or Alessa
Job Responsibility
  • Lead end-to-end IT audits including planning, scoping, fieldwork, testing (design & operating effectiveness), and reporting for SOX 404, SOC 2, ISO 27001, NIST, and internal risk-based audits
  • Evaluate ITGCs across ERP systems (SAP, Oracle, NetSuite), cloud environments (AWS, Azure, GCP), Active Directory, databases, and network infrastructure
  • Perform integrated audits combining financial, operational, and IT controls with cross-functional audit teams
  • Assess cybersecurity controls (identity/access management, encryption, vulnerability management, incident response, zero trust architecture)
  • Conduct third-party risk assessments and review vendor SOC reports, contracts, and SLA compliance
  • Identify control gaps, quantify risk, and draft actionable, prioritized recommendations
  • Present audit findings and remediation plans to C-suite, Audit Committee, and Board-level stakeholders
  • Mentor junior auditors and co-source resources
  • Review workpapers for quality and completeness
  • Stay ahead of emerging risks: AI/ML governance, quantum computing threats, ransomware frameworks, and GenAI security
What we offer
  • medical, vision, dental, and life and disability insurance
  • eligible to enroll in our company 401(k) plan
  • free online training

Senior Technology Risk Analyst

The AI DPE Risk Management team is looking for a Senior Technology Risk Analyst ...
Location: United States of America, O Fallon
Salary: 88000.00 - 141000.00 USD / Year
Mastercard
Expiration Date: Until further notice
Requirements
  • Hands-on experience with audit and regulatory frameworks such as PCI, SOX, SOC 2, GDPR, and ISO 27000/27001, including participation in both internal and external audits
  • Holds at least one relevant professional certification, such as CIA, CISA, CISM, CFE, or a similar credential
  • Ability to translate control and compliance requirements into clear, actionable guidance and documentation for engineering and product teams
  • Experience designing, implementing, and maturing controls while partnering with first-line teams to achieve compliance, ensure consistent control application, and address key risks and issues
  • Strong communication skills with the ability to collaborate effectively across Data Science, Engineering, Product, and regulatory stakeholders
  • Proven ability to manage multiple priorities and projects simultaneously, maintaining momentum and delivering results in a fast-paced environment
Job Responsibility
  • Partner with engineering, product, and architecture teams to provide control, compliance, and regulatory guidance while identifying control gaps and driving remediation efforts to reduce risk
  • Support the design, implementation, and continuous improvement of preventive and detective controls within the first-line environment to strengthen the organization's overall risk posture
  • Facilitate risk assessments, control gap analyses, and scope/impact reviews to ensure new features, product updates, and initiatives align with internal standards, regulatory requirements, and industry best practices
  • Collaborate with risk, compliance, and governance teams to track and maintain regulatory controls, while working with delivery teams to address issues and lower the severity of identified risks through effective remediation and compensating controls
  • Serve as a subject matter expert during internal and external audits, supporting evidence collection, documentation, and remediation planning while helping teams prepare for successful audit outcomes
  • Bring a proactive, curious mindset with a strong willingness to learn, enabling effective navigation of complex technical ecosystems and continuous improvement of control readiness
What we offer
  • insurance (including medical, prescription drug, dental, vision, disability, life insurance)
  • flexible spending account and health savings account
  • paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave)
  • 80 hours of Paid Sick and Safe Time
  • 25 days of vacation time and 5 personal days
  • 10 annual paid U.S. observed holidays
  • 401k with a best-in-class company match
  • deferred compensation for eligible roles
  • fitness reimbursement or on-site fitness facilities
  • eligibility for tuition reimbursement
  • Fulltime