HighLevel

• We are seeking an experienced Director of IT Compliance to own and lead the Information Technology General Controls (ITGC) framework, including application controls, to ensure strong controls, regulatory compliance, and risk mitigation are in place for all systems that support financial reporting (either directly or indirectly).This is a high-visibility leadership role responsible for setting the ITGC strategy, governance, and operating model for the organization. The Director will bring deep ITGC and SOX expertise into the IT organization.This role requires hands-on leadership combined with strategic oversight, including defining, implementing, scaling, and continuously improving IT control processes across the organization. The successful candidate will have designed, implemented, and operated enterprise-grade ITGC frameworks, including application controls, for one or more high-growth public technology companies, and will be comfortable influencing at the executive level.The role requires a sound understanding of security and control principles including logical access controls, change management, least privilege, segregation of duties, computer operations, network security, vulnerability management, secure coding practices, broad data platform architectures and associated data security controls, and the ability to assess data privacy and control gaps in product and platform design. • What You’ll Lead • Own and lead the enterprise ITGC strategy and operating model, in consultation with the Chief Accounting Officer and SOX Compliance function • Develop, maintain, and continuously evolve the ITGC framework, including application controls, aligned to business growth and regulatory expectations. • Establish governance and accountability for all ITGCs across IT, Engineering, and cloud platforms. • Inventory all systems and tools that support financial reporting (either directly or indirectly) and define risk-based tiering and prioritisation. • Drive implementation of IT general controls and application controls across the enterprise, system-by-system, based on the prioritised risk profile. • Ensure high-quality documentation, testing readiness, and continuous improvement of IT control processes. • Identify, assess, and proactively manage IT and technology-related SOX risks, ensuring appropriate preventive and detective controls are in place. • Serve as the primary executive owner for internal and external IT audits, SOX reviews, and control assessments. • Partner cross-functionally with Engineering, Product, Security, Finance, and Compliance to ensure integrated and scalable risk management • Oversee the day-to-day effectiveness of ITGC operations, including access management, change control, batch processing, backup and recovery, logging, and cloud configuration controls for in-scope systems. • Exercise authority to enforce ITGC requirements, including requiring remediation, escalating non-compliance, and pausing or blocking changes or releases that introduce SOX control risk. • Embed ITGC requirements into CI/CD pipelines, infrastructure-as-code, cloud platforms, and automated access workflows to ensure controls are preventive, repeatable, and scalable. • Own remediation strategy and execution for ITGC deficiencies, including prioritization, root-cause resolution, validation of fixes, and prevention of repeat findings. • Maintain accountability for long-term control durability, ensuring controls remain effective as systems, platforms, and delivery models evolve. • Build, mentor, and scale the ITGC function, including future team growth as the company scales • Bachelor’s degree in Information Technology, Computer Science, or a related field • 12+ years of progressive experience in IT, internal audit, external audit, or risk management, with significant leadership experience; must have at least 3+ years of experience at a U.S. public company • CGEIT, CISM, CISA, CRISC, CCEP, or equivalent certifications required • Deep understanding of SOX 404, regulatory requirements, and industry standards; technology industry experience strongly preferred • Strong command of internal control frameworks (COSO, COBIT) and enterprise risk assessment methodologies • Proven experience leading IT audits, SOX programs, and control functions in complex technology environments • Strong executive-level communication, analytical, problem-solving, and program management skills • Demonstrated ability to influence senior leaders and enforce standards without direct authority • Experience scaling controls in high-growth, cloud-native, CI/CD-driven organizations preferred • Salary Range for this position is $192000 - $269500 annually (Bonus Pay Included)