Director - IT Compliance

About Us: HighLevel is an AI powered, all-in-one white-label sales & marketing platform that empowers agencies, entrepreneurs, and businesses to elevate their digital presence and drive growth. We are proud to support a global and growing community of over 2 million businesses, comprised of agencies, consultants, and businesses of all sizes and industries. HighLevel empowers users with all the tools needed to capture, nurture, and close new leads into repeat customers. As of mid 2025, HighLevel processes over 15 billion API hits and handles more than 2.5 billion message events every day. Our platform manages over 470 terabytes of data distributed across five databases, operates with a network of over 250 microservices, and supports over 1 million domain names. Our People With over 1,500 team members across 15+ countries, we operate in a global, remote-first environment. We are building more than software; we are building a global community rooted in creativity, collaboration, and impact. We take pride in cultivating a culture where innovation thrives, ideas are celebrated, and people come first, no matter where they call home. Our Impact As of mid 2025, our platform powers over 1.5 billion messages, helps generate over 200 million leads, and facilitates over 20 million conversations for the more than 2 million businesses we serve each month. Behind those numbers are real people growing their companies, connecting with customers, and making their mark - and we get to help make that happen. Who You Are We are seeking an experienced Director of IT Compliance to own and lead the Information Technology General Controls (ITGC) framework, including application controls, to ensure strong controls, regulatory compliance, and risk mitigation are in place for all systems that support financial reporting (either directly or indirectly).This is a high-visibility leadership role responsible for setting the ITGC strategy, governance, and operating model for the organization. The Director will bring deep ITGC and SOX expertise into the IT organization.This role requires hands-on leadership combined with strategic oversight, including defining, implementing, scaling, and continuously improving IT control processes across the organization. The successful candidate will have designed, implemented, and operated enterprise-grade ITGC frameworks, including application controls, for one or more high-growth public technology companies, and will be comfortable influencing at the executive level.The role requires a sound understanding of security and control principles including logical access controls, change management, least privilege, segregation of duties, computer operations, network security, vulnerability management, secure coding practices, broad data platform architectures and associated data security controls, and the ability to assess data privacy and control gaps in product and platform design. What You'll Lead

• Own and lead the enterprise ITGC strategy and operating model, in consultation with the Chief Accounting Officer and SOX Compliance function
• Develop, maintain, and continuously evolve the ITGC framework, including application controls, aligned to business growth and regulatory expectations.
• Establish governance and accountability for all ITGCs across IT, Engineering, and cloud platforms.
• Inventory all systems and tools that support financial reporting (either directly or indirectly) and define risk-based tiering and prioritisation.
• Drive implementation of IT general controls and application controls across the enterprise, system-by-system, based on the prioritised risk profile.
• Ensure high-quality documentation, testing readiness, and continuous improvement of IT control processes.
• Identify, assess, and proactively manage IT and technology-related SOX risks, ensuring appropriate preventive and detective controls are in place.
• Serve as the primary executive owner for internal and external IT audits, SOX reviews, and control assessments.
• Partner cross-functionally with Engineering, Product, Security, Finance, and Compliance to ensure integrated and scalable risk management
• Oversee the day-to-day effectiveness of ITGC operations, including access management, change control, batch processing, backup and recovery, logging, and cloud configuration controls for in-scope systems.
• Exercise authority to enforce ITGC requirements, including requiring remediation, escalating non-compliance, and pausing or blocking changes or releases that introduce SOX control risk.
• Embed ITGC requirements into CI/CD pipelines, infrastructure-as-code, cloud platforms, and automated access workflows to ensure controls are preventive, repeatable, and scalable.
• Own remediation strategy and execution for ITGC deficiencies, including prioritization, root-cause resolution, validation of fixes, and prevention of repeat findings.
• Maintain accountability for long-term control durability, ensuring controls remain effective as systems, platforms, and delivery models evolve.
• Build, mentor, and scale the ITGC function, including future team growth as the company scales

What You'll Bring

• Bachelor's degree in Information Technology, Computer Science, or a related field
• 12+ years of progressive experience in IT, internal audit, external audit, or risk management, with significant leadership experience; must have at least 3+ years of experience at a U.S. public company
• CGEIT, CISM, CISA, CRISC, CCEP, or equivalent certifications required
• Deep understanding of SOX 404, regulatory requirements, and industry standards; technology industry experience strongly preferred
• Strong command of internal control frameworks (COSO, COBIT) and enterprise risk assessment methodologies
• Proven experience leading IT audits, SOX programs, and control functions in complex technology environments
• Strong executive-level communication, analytical, problem-solving, and program management skills
• Demonstrated ability to influence senior leaders and enforce standards without direct authority
• Experience scaling controls in high-growth, cloud-native, CI/CD-driven organizations preferred

EEO Statement: The company is an Equal Opportunity Employer. As an employer subject to affirmative action regulations, we invite you to voluntarily provide the following demographic information. This information is used solely for compliance with government record keeping, reporting, and other legal requirements. Providing this information is voluntary and refusal to do so will not affect your application status. This data will be kept separate from your application and will not be used in the hiring decision. #LI-Remote #LI-NJ1 We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us. Apply tot his job Apply To this Job