Manager, SOX PMO, Business Process

GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation.

The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems as we build technology that transforms how the world develops software.

Manager, SOX PMO, Business Process

As GitLab continues to scale, the Manager, SOX PMO, Business Process will help strengthen our Sarbanes-Oxley (SOX) compliance program across key business processes. In this role, you'll lead assigned process areas, guide the design and maintenance of effective control frameworks, and partner closely with the IT SOX PMO to support compliance readiness as new systems and applications are introduced. Reporting to the Director, SOX PMO Leader within the CAO organization, you'll play an important part in helping GitLab build a scalable, practical SOX environment that supports growth while improving consistency, readiness, and efficiency.

This is a strong fit if you're motivated by work that combines program leadership, cross-functional partnership, and hands-on execution. In your first year, you'll help coordinate walkthroughs, maintain business control documentation, support risk assessment and remediation efforts, and identify opportunities to automate SOX activities to reduce manual work and improve control reliability.

What You’ll Do

• Serve as the primary subject matter expert for assigned SOX business processes and provide guidance to support compliance with SOX requirements.
• Partner with the IT SOX PMO to assess new systems, applications, and related controls for compliance readiness.
• Assist with the annual SOX risk assessment by helping evaluate process risks and control coverage.
• Monitor emerging risks and update controls, documentation, and process expectations as business needs change.
• Coordinate and lead SOX business walkthroughs with control owners and cross-functional stakeholders.
• Develop and maintain control documentation, including process narratives, flowcharts, and risk and control matrices.
• Assess control deficiencies and work with management to develop, implement, and track remediation plans.
• Collaborate with leaders across Finance, Operations, Legal, HR, Sales, Engineering, and IT, as well as internal and external auditors, to support an effective SOX audit process and identify automation opportunities within the SOX environment.

What You’ll Bring

• Experience with auditing, risk assessment, internal controls, and root cause analysis in a SOX or similar compliance environment.
• Knowledge of SOX compliance requirements and internal control frameworks such as the Committee of Sponsoring Organizations of the Treadway Commission (COSO).
• Ability to evaluate business processes, identify control gaps, and support practical remediation planning.
• Skill in creating and maintaining clear process documentation, including narratives, flowcharts, and risk and control matrices.
• Strength in written and verbal communication, including the ability to explain requirements, provide training, and influence stakeholders across functions.
• Judgment to navigate complex issues using critical thinking, sound recommendations, and a balanced approach to risk.
• Familiarity with software or technology company environments and with tools such as AuditBoard is useful.
• Openness to candidates with transferable experience from audit, accounting, finance, compliance, or related fields, along with relevant education in Accounting, Finance, or a similar area; professional certifications such as Certified Public Accountant (CPA) or Certified Internal Auditor (CIA) are a plus.

About the team

The SOX PMO team is a second-line function within GitLab's CAO organization that owns and manages the enterprise SOX compliance program across risk assessment, control design, documentation, and coordination with external auditors, while Internal Audit operates as the independent third-line function for SOX testing. The team works as both a subject matter expert group and a business partner to first-line control owners across the company, helping build control frameworks that are practical, scalable, and aligned with a fast-growing business. As an all-remote team, we collaborate asynchronously across regions and functions, with a strong focus on balancing strategic program leadership with hands-on execution as GitLab continues to evolve.