Job Description

Job Description

Company Description

Headquartered in Houston, Texas, Nutex Health Inc. (NASDAQ: NUTX) is a healthcare management and operations company, founded in 2011. The company comprises two divisions: the Hospital Division, which operates micro-hospitals, specialty hospitals, and hospital outpatient departments (HOPDs) across 24 facilities in 11 states, and the Population Health Management Division, which manages provider networks such as Independent Physician Associations (IPAs). Through our Management Services Organization (MSO), we provide management, administrative, and support services to our affiliated hospitals and physician groups.

Role Description

This is a full-time, on-site role for an IT SOX Manager located in Houston, TX. The IT SOX Manager will be responsible for overseeing the implementation and execution of the Sarbanes-Oxley (SOX) compliance program related to IT controls. Day-to-day tasks include evaluating IT controls, conducting risk assessments, documenting and testing control activities, and ensuring compliance with regulatory standards. The IT SOX Manager will also liaise with internal and external auditors, monitor remediation activities, and provide guidance on IT compliance matters.

KEY RESPONSIBILITIES:

Own & Maintain SOX ITGCs :

• Perform User Access Reviews (UAR) across Workday, Waystar, GoRev, Visual Lease, GlobalShares, etc.
• Change management controls
• Access provisioning/deprovisioning processes (ensure timely termination, periodic re-certifications)
• Segregation of Duties (SOD) analyses and remediation tracking
• SOC report evaluation for critical third-party IT services
• IT-related controls embedded in business processes (e.g., system-generated reconciliations, logical security settings)

Documentation :

• Develop and maintain detailed SOX narratives, process flows, and control matrices
• Prepare evidence packages and coordinate testing schedules with Internal and External Audit teams

Continuous Improvement & Advisory :

• Evaluate emerging IT risks and recommend control improvements or new controls
• Collaborate with IT process owners to embed SOX requirements into standard operating procedures
• Provide “IT-focused” advisory on compliance best practices

Stakeholder Engagement :

• Liaise with Internal Audit to align on scoping, testing exceptions, and remediation plans
• Work with External Auditors to facilitate walkthroughs, testing scope, and evidence requests
• Collaborate with IT operations, security, and application teams to ensure timely remediation of control gaps

Reporting & Metrics :

• Track key SOX KPIs (e.g., percentage of timely UAR completions, number of open ITGC findings, remediation cycle times)
• Present SOX status updates to IT leadership, Internal Audit, and other stakeholders

QUALIFICATIONS & EXPERIENCE:

Experience :

• 5+ years of experience in public accounting (Big 4 preferred), application security, access management, and industry IT experience in a regulated environment.
• Must have hands-on experience with SOX implementation and testing of ITGCs (UAR, change management, SOD, and user provisioning/deprovisioning)
• Solid understanding of IT risk frameworks (COSO, COBIT, NIST, Hitrust, etc.)

Technical/Professional Skills:

• Familiarity with core enterprise applications: Workday, Waystar, GoRev, Visual Lease, Globalshares, Active Directory, etc.
• Strong Excel skills (pivot tables, VLOOKUPs) for SOD analysis and testing documentation
• Ability to read and interpret SOC 1/SOC 2 reports, identify control gaps, and translate them into remediation actions
• Excellent written and verbal communication—comfortable leading walkthroughs, drafting control narratives, and presenting status updates

Certifications (Preferred):

• CPA, CISA, CISM, CRISC, or other relevant certifications
• SOX and IT audit training (IIA or equivalent)

Soft Skills:

• Detail-oriented with strong organizational skills
• Proven ability to build relationships and drive consensus across IT, finance, and audit teams
• Self-starter mindset: able to work independently, juggle multiple priorities, and meet tight SOX deadlines

Job Tags

Similar Jobs