Manager, IT SOX and Risk Assurance

ABOUT THE ROLE
We are looking for a highly motivated, strategic and solution-focused candidate to join our growing SOX and Risk Assurance team. In this role, you will support Peloton’s global IT control environment and support the execution of our IT SOX program, helping to drive forward a culture of compliance, integrity and continuous improvement across the organization. The ideal candidate is passionate about IT risk management, thrives working collaboratively in a dynamic, fast-paced environment, and uses their creativity to inspire new ways of working and problem solving. You will serve as a trusted business partner and the connective tissue between the business, internal audit, and our external auditors, demonstrating your technical and internal controls expertise to help us continually assess and manage risks in the IT environment while also supporting business objectives. An ability to think critically and execute effectively while collaborating with business partners and control owners across the organization will be key to success in this role. This position will report to the Senior Manager of IT SOX and Risk Assurance as part of our Finance organization, and be based out of our New York HQ on a hybrid work basis.

YOUR DAILY IMPACT AT PELOTON

• Work within the Second Line of Defense (SOX) team, acting as an advisor to the IT and driving the design, implementation and monitoring of Peloton's risk and control framework.
• Lead and manage the execution of the IT SOX program, including the monitoring, application and reporting of IT General (ITGC) controls, IT Application (ITAC) controls, and key reports in accordance with SOX 404 requirements and corporate standards.
• Analyze processes, risks, and controls related to the IT environment to identify improvement opportunities, recommend solutions that are pragmatic and achievable, and partner with management to resolve deficiencies.
• Identify and drive opportunities for automation and using data analytics within the audit process to gain efficiencies and increase audit effectiveness; cohesively bridge the gap between upstream and downstream processes by increasing reliance on key systems and reports.
• Perform comprehensive IT risk assessments to identify potential compliance risks and vulnerabilities. Develop and implement risk mitigation strategies to address any identified risks.
• Evaluate new system implementations for control considerations, and partner with system owners to ensure appropriate IT controls are designed and in place prior to the system’s go live.
• Assist IT business partners and GRC team with user access reviews, monitoring controls, and SOC report assessments including providing guidance and recommendations to ensure compliance with corporate standards and SOX requirements.
• Provide IT expertise and support on various special projects and company-wide initiatives, ensuring compliance with relevant regulations and standards, including assisting in the development and implementation of IT policies and procedures to support business objectives.
• Understand the importance of implementing emerging technologies into Peloton’s ecosystem such as AI and ML while also being cognizant of their inherent risks.
• Develop and deliver high quality and engaging training programs for control owners and other stakeholders to support their understanding and compliance with SOX requirements.
• Collaborate with internal and external auditors to facilitate SOX audits and ensure timely completion and resolution of issues.
• Prepare and present executive level communications on IT SOX and Compliance workstreams, including SOX Steering Committee and Audit Committee updates and recommendations.
• Stay current with industry best practices, regulatory changes, and emerging trends in IT compliance.
• Proactively identify areas of improvement on an ongoing basis, providing guidance on best practices and offering actionable recommendations for process changes and potential solutions to drive efficiency and/or mitigate risk.

YOU BRING TO PELOTON

• 5+ years of relevant IT audit and SOX experience, with a mix of private and public accounting experience preferred.
• BA/BS degree with an emphasis on Computer Science, or its equivalent; CISA certification preferred.
• In-depth knowledge of SOX requirements, IT controls, and risk management, and proven expertise in designing and implementing SOX ITGCs, along with robust monitoring and reporting experience for ongoing compliance.
• Experienced in working with modern cloud Software as a Service (SaaS), Platform as a Service (PaaS), and agile environments; ability to adapt to ever changing system & process landscape.
• Experience with NetSuite and SAP ERP systems preferred; understanding of core coding languages (e.g. SQL, Python) a plus.
• Organized with strong project management skills, including effective consultation, coordination across multiple stakeholders/teams, prioritization of issues and organization.
• Outstanding communicator with keen ability to present findings in a succinct manner and tailor messaging as appropriate across a range of audiences.
• Ownership mentality; results-driven, self-starter, resourceful and comfortable with ambiguity.
• Superior problem-solving skills and ability to manage competing priorities and deadlines.
• Ability to operate at both a strategic and execution level; ideate and directly execute.
• Positive outlook, intellectually curious, desire to continually learn and grow, team player.