IT SOX Manager (Houston)

Company DescriptionHeadquartered in Houston, Texas, Nutex Health Inc. (NASDAQ: NUTX) is a healthcare management and operations company, founded in 2011. The company comprises two divisions: the Hospital Division, which operates micro-hospitals, specialty hospitals, and hospital outpatient departments (HOPDs) across 24 facilities in 11 states, and the Population Health Management Division, which manages provider networks such as Independent Physician Associations (IPAs). Through our Management Services Organization (MSO), we provide management, administrative, and support services to our affiliated hospitals and physician groups.Role DescriptionThis is a full-time, on-site role for an IT SOX Manager located in Houston, TX. The IT SOX Manager will be responsible for overseeing the implementation and execution of the Sarbanes-Oxley (SOX) compliance program related to IT controls. Day-to-day tasks include evaluating IT controls, conducting risk assessments, documenting and testing control activities, and ensuring compliance with regulatory standards. The IT SOX Manager will also liaise with internal and external auditors, monitor remediation activities, and provide guidance on IT compliance matters.KEY RESPONSIBILITIES:Own & Maintain SOX ITGCs:Perform User Access Reviews (UAR) across Workday, Waystar, GoRev, Visual Lease, GlobalShares, etc.Change management controlsAccess provisioning/deprovisioning processes (ensure timely termination, periodic re-certifications)Segregation of Duties (SOD) analyses and remediation trackingSOC report evaluation for critical third-party IT servicesIT-related controls embedded in business processes (e.g., system-generated reconciliations, logical security settings)Documentation:Develop and maintain detailed SOX narratives, process flows, and control matricesPrepare evidence packages and coordinate testing schedules with Internal and External Audit teamsContinuous Improvement & Advisory:Evaluate emerging IT risks and recommend control improvements or new controlsCollaborate with IT process owners to embed SOX requirements into standard operating proceduresProvide IT-focused advisory on compliance best practicesStakeholder Engagement:Liaise with Internal Audit to align on scoping, testing exceptions, and remediation plansWork with External Auditors to facilitate walkthroughs, testing scope, and evidence requestsCollaborate with IT operations, security, and application teams to ensure timely remediation of control gapsReporting & Metrics:Track key SOX KPIs (e.g., percentage of timely UAR completions, number of open ITGC findings, remediation cycle times)Present SOX status updates to IT leadership, Internal Audit, and other stakeholdersQUALIFICATIONS & EXPERIENCE:Experience:5+ years of experience in public accounting (Big 4 preferred), application security, access management, and industry IT experience in a regulated environment.Must have hands-on experience with SOX implementation and testing of ITGCs (UAR, change management, SOD, and user provisioning/deprovisioning)Solid understanding of IT risk frameworks (COSO, COBIT, NIST, Hitrust, etc.)Technical/Professional Skills:Familiarity with core enterprise applications: Workday, Waystar, GoRev, Visual Lease, Globalshares, Active Directory, etc.Strong Excel skills (pivot tables, VLOOKUPs) for SOD analysis and testing documentationAbility to read and interpret SOC 1/SOC 2 reports, identify control gaps, and translate them into remediation actionsExcellent written and verbal communicationcomfortable leading walkthroughs, drafting control narratives, and presenting status updatesCertifications (Preferred):CPA, CISA, CISM, CRISC, or other relevant certificationsSOX and IT audit training (IIA or equivalent)Soft Skills:Detail-oriented with strong organizational skillsProven ability to build relationships and drive consensus across IT, finance, and audit teamsSelf-starter mindset: able to work independently, juggle multiple priorities, and meet tight SOX deadlines

Created: 2025-10-07