SOX Compliance Program Manager

SumUp Inc. Berlin

Job description:

About SumUp

We believe in the everyday hero, those who have the courage to follow their passion and the determination to realize their dreams.

Small business owners are at the heart of all we do, so we're creating powerful, easy-to-use financial solutions to help them run their businesses. With a founder’s mentality and a team-first attitude, our diverse teams across Europe, South America, and the United States work together to ensure that small business owners can be successful doing what they love.

Team Description

Our Risk & Compliance team sits at the heart of how SumUp builds trust — with our merchants, regulators, and partners. We design and maintain the frameworks that keep SumUp safe, transparent, and ready for scale.

As part of the GRC function, you’ll work alongside experts across Finance, Legal, Tech, and Operations to strengthen our internal control environment and ensure that every process supports sustainable growth. This team acts as both advisor and challenger, enabling innovation while ensuring we operate to the highest standards of accountability. You’ll play a key role in shaping how SumUp prepares for future regulatory requirements, embedding a culture of integrity across the business.

This role can be based in:

  • Berlin
  • Sofia
  • London

What You’ll Do

In this position you will lead the design, operation and continuous enhancement of our SOX 404 / ICFR compliance program. You will act as the program manager for all ICFR-related initiatives, working cross-functionally with Finance, Engineering, Product, Operations and external audit to ensure our disclosure-ready controls over financial reporting are robust, documented, tested and remediated.

  • Manage the full life-cycle of the SOX & ICFR program: risk-scoping, control design/documentation, testing, remediation and reporting.
  • Establish and maintain an ICFR control framework designed for scalability, automation and growth.
  • Coordinate with cross-functional control owners (Finance, Engineering, Product, Business Operations) to embed control design and testing in key processes.
  • Serve as the key liaison for external auditors during annual SOX 404 and quarterly ICFR testing cycles.
  • Lead remediation efforts: identify material weaknesses or significant deficiencies, partner with control owners to execute action plans and track closure.
  • Drive program efficiency by leveraging GRC tools and promoting automation of control testing and monitoring.
  • Develop reporting and dashboards for senior leadership and the Audit Committee on ICFR status, key-metrics, trends and improvement roadmaps.
  • Build strong relationships with stakeholders and promote a culture of financial-reporting excellence and control awareness.

You’ll Be Great for This Role If

  • 7-10 years of experience in SOX 404 / ICFR compliance roles (public company environment strongly preferred).
  • Deep knowledge of ICFR (Internal Controls over Financial Reporting) frameworks (COSO, SOX 404), financial reporting risks and SOX audit requirements.
  • Proven track‑record designing and implementing ICFR programs: risk assessment, control documentation (narratives / Risk‑Control Matrices), testing and remediation.
  • Strong project-management and stakeholder-influence skills; able to lead across Finance, IT and business operations.
  • Experience with GRC tools or control-testing platforms preferred.
  • Excellent written/verbal communication skills and executive presence.

Job information

  • Type: Full-time
  • Work model: On-site
  • Category:
  • Experience: 2+ years
  • Employment relationship: Employee
  • Publication date: 27 Nov 2025
  • Location: Berlin
