IT & SOX Control Senior Manager

Function: Finance

Location: New York, NY, US

Work Arrangement: Hybrid

Senior Manager, Internal Audit & SOX Compliance

Reports To: Director Internal Audit

Location: NYC (Hybrid, 3 days in office)

Travel: Up to 25%

ABOUT THE WELLA COMPANY

Together, WE enable individuals to look, feel, and be their true selves.

Wella Company is one of the world’s leading beauty companies, comprised of a family of iconic brands such as Wella Professionals, Clairol, OPI, Nioxin and ghd. With 6,000 employees globally, presence in over 100 countries, Wella Company and its brands enable consumers to look, feel, and be their true selves. As innovators in the hair and nail industry, Wella Company empowers its people to delight consumers, inspire beauty professionals, engage communities, and deliver sustainable growth to its stakeholders.

For additional information about the Wella Company please visit www.wellacompany.com.

The Senior Manager of IT Audit and SOX Compliance is a leadership role within the Internal Audit function responsible for the design, execution, and continuous improvement of the organization’s IT audit program, SOX IT General Controls (ITGC) framework, and technology-enabled audit capabilities. This role serves as the primary subject matter expert on enterprise systems, cybersecurity controls, and IT risk, providing assurance to executive leadership and external auditors regarding the posture of technology controls.

Responsibilities:

IT Audit Program Leadership

  • Develop and execute the annual IT audit plan covering application controls, cybersecurity, infrastructure, data management, third-party / vendor risk, and emerging technology risk
  • Lead complex, high-risk IT audit engagements including ERP configuration reviews, privileged access audits, change management audits, cybersecurity assessments, and cloud migration reviews

SOX IT General Controls Program

  • Partner with external auditors to align on ITGC scope, testing approach, reliance strategy, and deficiency classification — serving as the primary internal liaison for all IT-related SOX matters
  • Maintain the ITGC control library ensuring controls are accurately documented, mapped to relevant risks and financial reporting assertions, and reflect the current system and process environment
  • Evaluate IT control deficiencies using the PCAOB and COSO frameworks, assess aggregation risk, and present findings and remediation plans to the VP of Internal Audit, CFO, and Audit Committee as required
  • Drive continuous improvement in the SOX program to reduce redundancy, increase efficiency, and improve reliance by external auditors — with a target of reducing external audit fees through expanded internal reliance

AI Adoption and Audit Innovation

  • Support the strategy and execution for embedding artificial intelligence and machine learning tools into the Internal Audit function, with the goal of enhancing risk identification, testing efficiency, and insight quality across all audit types
  • Evaluate, pilot, and implement AI-powered audit tools covering areas such as natural language processing for contract and policy review, anomaly detection in financial transactions, predictive risk scoring for audit planning, and automated workpaper generation

Data Analytics Program

  • Design, build, and institutionalize a core suite of data analytics routines to be used systematically across financial, operational, IT, and compliance audits — moving the function from ad hoc data analysis to a repeatable, scalable analytics capability

ERP and Application Controls

  • Serve as the function's primary subject matter expert on enterprise resource planning systems, with the ability to navigate system configuration, authorization structures, master data governance, and financial reporting processes at a technical level
  • Lead or direct audits of ERP environments covering access controls and segregation of duties, configuration change management, financial close processes, automated application controls, and interface and data integrity

Requirements

Education

  • Bachelor’s degree in Information Systems, Computer Science, Accounting, Finance, or a related field required
  • Master's degree in a relevant discipline is advantageous

Professional Certifications

  • CIA (Certified Internal Auditor), CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), or CISM (Certified Information Security Manager) preferred

Experience

  • Minimum 8 to 10 years of progressive experience in IT audit, SOX compliance, information security, or a related field — with at least 3 years in a management or leadership capacity
  • Demonstrated experience leading SOX ITGC programs in a publicly listed company, including direct engagement with external auditors
  • In-depth knowledge of at least one major ERP platform is a mandatory requirement
  • Proven track record of delivering IT audit engagements across a broad range of technology risk areas including access management, change management, cybersecurity, cloud, and application controls
  • Experience building or significantly advancing data analytics capability within an Internal Audit or finance function. Proficiency in data analytics tools such as SQL, Power BI, Tableau, Python, or equivalent
  • Hands-on experience with AI tools applied in an audit, finance, or risk management context is highly desirable
  • We disclose the compensation range for positions in compliance with local law. Actual salaries will vary and may be above or below the range based on various factors including but not limited to location, experience, skills and in comparison to internal incumbents currently in similar roles. Pay Range: $135,000 - $150,000 salary per year. The range listed is just one component of Wella Company's total rewards package for employees. Other rewards may include annual bonus plan or variable pay, depending on the role. In addition, Wella Company provides a rich variety of benefits to employees, including health insurance, life and disability insurance, 401(k) retirement plan, paid holidays and paid time off (PTO).

 

NOTICES

  • All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.

 

  • If you need assistance and/or a reasonable accommodation due to a disability during the application process, please email NA.Recruiting@wella.com. This email account will not respond to inquiries regarding the status of a candidate’s application.

 

  • [For CA located postings ONLY]: Qualified Applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. 

 
