Senior Manager Technology Audit

Ever since we started in 2007, Sunrun has been at the forefront of connecting people to the cleanest energy on Earth. It’s why we’ve become the #1 home solar and battery company in America. Today, we’re on a mission to change the way the world interacts with energy, and we’re building a company and brand that puts power at the center of life. And we’re doing it by designing a dynamic culture where employee development, well-being, and safety come first. We’re unlike any other solar company. Our vertically integrated model gives us total control over every part of the energy lifecycle – from sale through installation and beyond – so you can find endless opportunities for growth. Come join a career you can grow in and a culture you can run with.

Sunrun is seeking an accomplished Senior IT Internal Audit Manager to join our growing Internal Audit team, reporting to the VP of Internal Audit. Our mission is to enhance and protect Sunrun’s value by providing risk-based and objective assurance, advice, and insight. In this leadership role, you will oversee and execute complex IT audit and SOX engagements, manage co-sourced resources, and partner with senior executives to strengthen the company’s control environment. You will have the opportunity to gain broad exposure to Sunrun’s operations, work cross-functionally with stakeholders across the organization, and join a high-performing team dedicated to protecting and enabling Sunrun’s growth.

Responsibilities

• Lead and oversee all phases of the annual SOX testing of technology controls (GITC, ITAC, IPE, etc.), ensuring compliance with PCAOB and COSO standards.

• Perform select SOX testing directly, while also directing, reviewing, and ensuring quality of SOX testing performed by co-source providers.

• Design, implement, and optimize IT control procedures to address control objectives across enterprise platforms, including Oracle and Salesforce.

• Coordinate all IT-related phases of SOX compliance, including:

  • Updating IT Risk and Control Matrices (RCMs) 

  • Leading walkthroughs and identifying/validating key controls

  • Developing, executing and/or reviewing test procedures

  • Evaluating control deficiencies and reporting results to management and external auditors

• Provide strategic technical guidance in the refinement and documentation of IT-related internal controls, including those for cybersecurity, cloud, and emerging technology environments.

• Oversee and track timely remediation of identified control weaknesses, escalating as necessary to senior leadership.

• Evaluate third-party SOC reports, perform detailed risk impact analyses, and communicate results to stakeholders.

• Lead and execute internal audits covering a variety of IT processes, applications, infrastructure, and systems.

• Serve as the primary liaison with senior management, external auditors, and co-source partners on IT audit and SOX matters.

• Build and maintain strong relationships with business process owners, system owners, Internal Audit peers, and external auditors.

• Perform other duties as assigned and participate in special projects as required.

Qualifications 

• Bachelor’s degree in Computer Science, Information Systems, Accounting, or a related field (Master’s degree preferred).

• 7–10 years of progressive IT audit experience, including at least 3–5 years in a leadership role. Experience with similar internal audit roles in public companies or with Big 4 audit firms highly preferred

• Active CISA certification is strongly preferred; additional credentials such as CISSP, CIA, or CPA are also preferred.

• Deep understanding of SOX 404, PCAOB Auditing Standards, COSO framework, and Internal Audit Standards, including auditing processes, methodologies, risk assessment, and business process best practices.

• Proven expertise in IT controls across all domains, including access, change management, operations, and automated application controls.

• Hands-on experience with Oracle, Salesforce, Snowflake, Workday and other enterprise application control environments.

• Knowledge of emerging technology risks (e.g., cloud, cybersecurity, AI) and related control considerations.

• Superior written and verbal communication skills, with the ability to document and present complex technical concepts to executive and non-technical audiences.

• Strong analytical, problem-solving, and project management skills, with the ability to manage multiple priorities under tight deadlines.

• Demonstrated drive, motivation, and personal integrity, with the ability to uphold the highest professional and ethical standards.

• Willingness to travel (approximately 10%) for SOX testing and audit engagements.

• Renewable energy, data analytics and automation experience are a plus.

Recruiter:

Please note that the compensation information is made in good faith for this position only.  It assumes that the successful candidate will be located in markets within the United States that warrant the compensation.  Please speak with your recruiter to learn more.

Starting salary/wage for this opportunity:

Compensation decisions will not be based on a candidate's salary history. You can learn more here.

This job description outlines the primary responsibilities, some essential job functions, and qualifications for the role. It may not include all essential functions, tasks, or requirements. If you are a qualified individual with a disability and you need reasonable accommodation during the hiring process or to perform this role, please contact us at candidateaccommodations@sunrun.com.

Sunrun is proud to be an equal opportunity employer that does not tolerate discrimination or harassment of any kind.  We believe that empowering people and valuing their differences are essential for our mission of connecting people to the cleanest energy on earth. Learn more here: EEO | Sunrun