The SOX & Internal Controls Compliance IT Manager role at CoStar Group in Arlington, VA is a senior position within the company’s finance and technology teams. This individual will support Sarbanes-Oxley compliance and internal controls by conducting risk assessments, documenting processes, executing testing, and implementing remediation plans. They will ensure robust IT General Controls over areas such as logical access management, change control, and data integrity while coordinating with Information Security to align financial systems governance with cybersecurity standards. The ideal candidate has 7-8+ years of experience in IT auditing or compliance, a deep understanding of SOX requirements, and certifications like CPA, CIA, CISA, or CISSP. They should be proficient in technologies such as ERP applications and cloud platforms, and possess strong analytical and communication skills to work effectively across different groups within the company.
Skills
SOX
COSO
ITGCs
ERP
cloud computing
agile development
cybersecurity
authentication
authorization
change management
CPA
CIA
CISA
CISSP
SOC 1/2
COBIT
NIST
ITIL
ISO 27001/2
What you'll do
Support Sarbanes-Oxley compliance by conducting risk assessments and system scoping.
Document and assess the design and effectiveness of IT general controls and application controls.
Execute testing to validate control operating effectiveness and summarize results for management reporting.
Oversee periodic user access reviews and segregation of duties analyses to ensure robust IT General Controls.
Coordinate with IT and Information Security to align financial systems governance with cybersecurity standards.
Implement data analytics to enhance approaches to internal control assessments.
What we're looking for
7+ years of professional experience in IT risk management and internal controls.
Bachelor's degree in Information Systems, Accounting, Finance, or related field.
Experience with SOX compliance and PCAOB requirements, including COSO framework and ITGCs.
Track record of technical expertise in SOX, IT risk management, and internal control assessments.
Knowledge of emerging technology risks such as cloud computing, cybersecurity, and privacy.
Ability to manage assignments, meet deadlines, and communicate complex technical concepts effectively.
Experience working in a publicly traded company or Big 4 firm.
Market check
Salary context
This listing doesn't show a salary. Similar roles on FindRole typically pay
$128,100–$202,500.
Peer median band
$128,100–$202,500
Median floor and ceiling across peers.
Typical midpoint (25–75%)
$141,150–$198,850
Middle half of comparable postings.
Based on 239 comparable postings.*
* 240 is the maximum number of comparable postings sampled.
Employer
About CoStar Group
CoStar Group is the leading provider of commercial real estate information, analytics, and online marketplaces, including CoStar, Apartments.com, and LoopNet platforms. Industry: Commercial Real Estate Data & Analytics
CoStar Group currently has
31 open roles
on FindRole.
Listed pay typically runs
$170,000–$222,000
across 11 roles with salary data.
Us - Ga - Atlanta, US18 days ago
$124,600–$148,200
SAP GRC
Workiva
ITGC
SOX compliance
CI/CD
Kubernetes
AWS
Azure
Google Cloud Platform
Terraform
Docker
Python
SQL
PostgreSQL
Linux
Windows Server
NIST
ISO 27001
CISM
CISSP