IT SOX Manager

About Us

Founded in 2011, Fulgent has evolved into a premier, full-service genomic testing company built around a foundational technology platform.

Through our diverse testing menu, Fulgent is focused on transforming patient care in oncology, anatomic pathology, infectious and rare diseases, and reproductive health. We believe that by providing a wide range of effective, flexible testing options in conjunction with best-in-class service and support, we can redefine the way medicine is managed for patients and clinicians alike.

Since integrating with our therapeutic development business, Fulgent is also developing drug candidates for treating a broad range of cancers using a novel nanoencapsulation and targeted therapy platform. By merging our fields of expertise, we aim to become a fully integrated precision medicine company.

Summary of Position

As an individual contributor manager, you will lead SOX IT. You will work with the all departments including but not limited to Engineering, IT, Applications, Security and Privacy functions of this fast-paced, rapidly changing healthcare business, and directly with key stakeholders to drive SOX compliance, including being a liaison to internal and external auditors. You have a strong background in IT SOX and are excellent at communicating vertically and horizontally across the company.

Key Job Elements

• Manage and direct the work streams related to IT SOX compliance, including IT General Controls (ITGC), Segregation of Duties (SOD) controls, and application controls.
• Develop and oversee the Software Development Life Cycle (SDLC) program for the SOX system implementations to ensure appropriate IT controls are in place before system go-live.
• Collaborate with SOX process teams, external auditors, management, and other testing groups to address key risks effectively and ensure compliance.
• Coordinate and facilitate the PBC requests for tests of design (ToD) and tests of operating effectiveness (ToE) overall IT systems, liaise between auditors and IT SOX application and process owners to ensure seamless execution and accurate results.
• Coordinate IT SOX walkthroughs, ensuring clear communication, appropriate supporting documentation, and alignment among all stakeholders.  Foster strong relationships with control owners, serving as a trusted advisor and providing guidance on IT compliance best practices. Liaison between control owners, Internal Audit and External Audit.
• Collaborate with internal and external auditors to facilitate SOX audits and ensure timely completion.
• Review control evidence for adherence to accuracy, completeness and precision of control execution for all ITGC including control gaps and findings identified by management.
• Review test findings, assist developing remediation action plans,  facilitate the remediation of ITGC and IT Automated/Application (ITAC) control gaps, and escalate possible critical issues to senior management within IT.
• Review control evidence, prior to submitting to auditors , for adherence to accuracy, completeness and precision of control execution for all ITGC and ITACs.
• Participate in systems upgrades, integrations and enhancements, as necessary, to review that internal controls over financial reporting are adequately identified and addressed.
• Assist auditors in SOX planning, scoping and execution  of audits primarily in areas associated with technology and technology-related risks (e.g. cybersecurity, privacy, and business resilience) including reviews of new and enhanced products and supporting systems, process changes and system implementations.
• Lead the report drafting process including framing of audit observations within the relevant business context, formulation of practical recommendations that balance stakeholder needs, and development of useful insights for management.
• Demonstrate strong technical skills and understanding of key security, privacy, agile engineering practices, in-depth SOX compliance knowledge .
• Stay current with industry best practices, regulatory changes, and emerging trends in IT compliance.
• Assist IT Business partners with user access reviews and SOC report assessments, providing guidance for compliance with corporate standards.
• Develop and deliver training programs for control owners and stakeholders to support understanding of SOX requirements.

Knowledge/Experience

• 7+ years of progressive internal SOX audit experience in healthcare, either Big 4 public accounting and/or in industry, including at least 3-5 years of supervisory responsibility.
• Bachelor’s or Master’s degree in a relevant discipline (e.g. Computer Science) or equivalent experience.
• CISA, CISM and/or CISSP certifications preferred.
• Deep Expertise in Global Risk and Compliance: Comprehensive understanding of SOX global risk and compliance frameworks, standards, and best practices, with experience navigating complex, multinational environments.
• Proven Leadership in Risk Mitigation: Demonstrated success in leading risk mitigation initiatives and managing cross-functional projects to enhance compliance and reduce exposure across an organization.
• SOX Framework Mastery: Thorough understanding of the SOX framework, including IT General Controls (ITGCs), IT Automated Controls, Segregation of Duties (SOD), Key Reports, and related compliance requirements.
• Technical Proficiency in ITGC Testing: Hands-on experience in assessing the design and operating effectiveness of ITGCs, including areas like user access, change management, system integrations, and system development lifecycle activities.
• Analytical and Problem-Solving Skills: Ability to assess complex systems, identify control gaps, and propose innovative solutions to mitigate risk while optimizing operational efficiency.
• Exceptional Collaboration and Communication Skills: Strong interpersonal skills to effectively work within a fast-paced team environment and engage with a diverse range of technical and non-technical stakeholders.
• Strategic Vision: Capability to identify opportunities for process improvement and proactively drive initiatives to enhance compliance and governance strategies.
• Technical Acumen: Familiarity with homegrown enterprise systems and experience with audit and compliance tools is a plus.
• Certifications (Preferred): Industry certifications such as CISA, CRISC, CISSP, or equivalent credentials are highly desirable.
• Adaptability in Dynamic Environments: Thrives in high-pressure, rapidly evolving settings, with the ability to prioritize and manage multiple tasks effectively.

Environment

Fulgent Therapeutics LLC is an Equal Employment Opportunity Employer.

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. The term “qualified individual with a disability” means an individual with a disability who, with or without reasonable accommodation, can perform the essential functions of the position.

For California residents, please see the link below to access our CCPA Privacy Notice.

CCPA Privacy Notice for California Residents

https://tinyurl.com/FulgentCCPA

Please note that Fulgent (and its affiliated companies, including Inform Diagnostics and CSI Laboratories) does not accept unsolicited information and/or resumes from search firms or agencies for our job postings. Search firms or agencies without an applicable contract and/or express approval to recruit for the role in question — that choose to submit a resume or client information to our career page or to any employee of Fulgent — will not be eligible for payment of any fee(s), and any associated shared data will become the property of Fulgent.