IT Control Assurance Director
Идентификационен номер на работа
263186
Публикувано
16-апр.-2026
Сервизна линия
Corporate Segment
Вид работа
Full-time
области на интерес
Счетоводство/Финанси, Данни и анализи
Местоположение/я
Remote - US - Remote - US - United States of America
About the Role:

As a CBRE Director, IT SOX & Controls Assurance, you will be part of the Financial Assurance team responsible for leading and executing IT SOX compliance and readiness projects and initiatives, ensuring the design and operating effectiveness of IT general controls (ITGCs), IT application controls (ITACs), and key reports. This role will also be responsible for delivering efficient and high-quality IT controls assessments for new system implementations and systems in scope. The Director, IT SOX & Controls Assurance, will also be responsible for managing the relationship with controllership, project teams, internal audit team, external assurance providers, and external consultants, directing IT SOX readiness activities, and providing strategic guidance to senior stakeholders on IT and emerging technology risks, controls, and compliance matters. This role will report directly to the Global Head of ESG Reporting and Financial Assurance and is working closely with various functional areas and business segments to ensure the integrity of CBRE processes and systems, in alignment with SOX requirements. 

What You will Do: 

  • Lead and execute day-to-day operation of the IT projects compliance assessment, including process and system walkthroughs, SDLC approach adoption and development, controls testing related to key pre-implementation assessment areas, issues and improvement opportunities identification, and assistance of stakeholders in remediation of gaps. 
  • Develop, execute, and maintain IT SOX readiness scoping exercise and IT risk assessment/identification, and advise leadership and senior stakeholders on IT control issues, emerging risks, and project enhancements.
  • Lead and collaborate with internal audit team on IT scoping methodology governance such as advising the criteria by which systems and processes are in or out of SOX scope.
  • Own and maintain the IT controls policy framework, control standards, and control taxonomy for financial reporting, periodically benchmarking against regulatory changes (SEC, PCAOB) and evolving industry frameworks (COSO, COBIT) to ensure the control library remains current and fit for purpose.
  • Lead, execute and review relevant testing of ITGCs and ITACs, evaluate controls over key reports (IPE), and validate management’s remediation plans for identified deficiencies and track them to timely closure. Identify key reports, interfaces, automated controls along with ITGC testing.
  • As part of SDLC pre-implementation reviews, assess data migration plans and reconciliation controls from source to target systems, validate UAT and SIT testing cycles for completeness and functionality gaps, review security including access assignment and segregation of duties, and assess complementary user entity controls (CUEC) mapping.
  • Review and challenge control design, identify control gaps and weaknesses, and recommend remediation actions. 
  • Collaborate with process and system owners to plan and execute the project assessments timely, efficiently, and effectively, including pre-implementation reviews of key systems and new systems in scope as part of organization changes, mergers, and acquisitions. 
  • Review and/or draft and communicate the project assessment reports including delivery of all gaps, findings, and observations identified during the testing and recommendation for remediation. Timely follow-up with management on remediation/implementation status. 
  • Serve as primary point of contact for the systems/process owners and liaison for external auditors and internal audit team for all in-scope IT SOX matters, managing requests, and providing guidance and support.
  • Provide proactive advisory on emerging technology risks affecting financial reporting integrity, including cloud migrations, AI/ML in financial processes, and robotic process automation, assessing control implications prior to go-live and liaising with the digital & technology function on cybersecurity risks that intersect with ICFR objectives.
  • Manage internal and external resources/consultants, ensuring high-quality work papers, testing, and documentation. 
  • Provide thought leadership and IT control and SOX requirements educations and trainings to control / process owners.
  • Lead by example and model behaviors that are consistent with CBRE RISE values. Influence parties of shared interests to reach an agreement. 
  • Identify, troubleshoot, and resolve day-to-day and moderately complex issues which may or may not be evident in existing systems and processes. 

What You'll Need:

To perform this job successfully, an individual will need to perform each crucial duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions.

  • Bachelor’s degree in business, Accounting/Finance, Risk, Information Systems, Computer Science, or a relevant field; advanced degree preferred. In lieu of a degree, a combination of experience and education will be considered.
  • 10+ years of relevant experience with IT audit, IT risk management, and SOX compliance. Preferred experience in a large global company or similar experience with global accounting/consulting firms. 
  • Thorough understanding and deep experience in SOX 404, COSO, COBIT, and IT control frameworks.
  • Strong knowledge of key business processes (e.g., revenue, procure-to-pay) and supporting ERP systems (e.g., Oracle, Workday, NetSuite) and/or legacy in-house applications.
  • Extensive experience interfacing with external auditors and managing the IT SOX audit process. 
  • Ability to lead the exchange of sensitive, complicated, and difficult information, and handle problems. 
  • Extensive organizational skills and an advanced inquisitive and pragmatic mindset. 
  • Proven experience in project management with diverse stakeholders is preferred. 
  • Ability to manage priorities and critical deadlines with minimal direction. 
  • Ability to interface with all levels of the organization to collect information and drive resolution.
  • Have an initiative-taking approach and the ability to work with cross-functional teams. 
  • Strong writing and communication skills.
  • Professional certifications such as CISA, CISSP, CPA, risk management, project management certification (PMP), or equivalent are a plus. 

Why CBRE

When you join CBRE, you become part of the global leader in commercial real estate services and investment that helps businesses and people thrive. We are dynamic problem solvers and forward-thinking professionals who create significant impact. Our collaborative culture is built on our shared values — respect, integrity, service and excellence — and we value the diverse perspectives, backgrounds and skillsets of our people. At CBRE, you have the opportunity to chart your own course and realize your potential. We welcome all applicants.

Our Values in Hiring

At CBRE, we are committed to fostering a culture where everyone feels they belong. We value diverse perspectives and experiences, and we welcome all applications.

Disclaimers

Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future.

Applicant AI Use Disclosure

We value human interaction to understand each candidate's unique experience, skills and aspirations. We do not use artificial intelligence (AI) tools to make hiring decisions, and we ask that candidates disclose any use of AI in the application and interview process.

About CBRE Group, Inc.

CBRE Group, Inc. (NYSE:CBRE), a Fortune 500 and S&P 500 company headquartered in Dallas, is the world’s largest commercial real estate services and investment firm (based on 2024 revenue). The company has more than 140,000 employees (including Turner & Townsend employees) serving clients in more than 100 countries. CBRE serves clients through four business segments: Advisory (leasing, sales, debt origination, mortgage serving, valuations); Building Operations & Experience (facilities management, property management, flex space & experience); Project Management (program management, project management, cost consulting); Real Estate Investments (investment management, development). Please visit our website at www.cbre.com.
CBRE carefully considers multiple factors to determine compensation, including a candidate’s education, training, and experience. The minimum salary for the IT Control Assurance Director position is $175,000 annually and the maximum salary for the IT Control Assurance Director position is $195,000 annually. The compensation offered to a successful candidate will depend on their skills, qualifications, and experience. Successful candidates will also be eligible for a discretionary bonus based on CBRE’s applicable benefit program. This role will provide the following benefits: 401(K), Dental insurance, Health insurance, Life insurance, and Vision insurance.
Назад