Principal SOX Managment Lead, Information Technology

Lantheus is headquartered in Bedford, Massachusetts with offices in Billerica as well as in Canada and Sweden.  For more than 60 years, Lantheus has been instrumental in pioneering the field of medical imaging and has helped physicians enhance patient care with its broad product portfolio. 

Lantheus is an entrepreneurial, agile, growing organization that provides innovative diagnostics, targeted therapeutics, and artificial intelligence (AI) solutions that empower clinicians to find, fight and follow disease.  At Lantheus our purpose and values guide our behaviors in all interactions and play a vital role in creating a dynamic environment that contributes to our success.  Every employee is crucial to our success; we respect one another and act as one knowing that someone’s health is in our hands.  We believe in helping people be their best and are seeking to bring together a diverse group of individuals with different viewpoints and skill sets to be a part of a productive and inclusive team. 

Job Summary

We are seeking a highly skilled IT SOX Management Lead to join our team. The ideal candidate will collaborate closely with business process leads, IT stakeholders, internal IT audit teams, and external auditors to ensure compliance with SOX regulations and internal policies. This role requires deep expertise in IT General Controls (ITGCs), SAP S/4HANA, IT platforms, and internal control frameworks, as well as strong analytical, problem-solving, and communication skills. 

Key Responsibilities

• Partner with IT Internal Audit, IT stakeholders, and business teams to develop audit objectives, scope, testing strategies, and audit procedures.
• Lead IT ITGCs and IT Application Controls (ITACs) by assisting control owners with evidence collection and execution of control activities.
• Coordinate and manage ITGC execution and support internal and external auditors, including planning and facilitating walkthroughs and control testing for IT general controls, application controls, and system-generated reports.
• Assist in evaluating, implementing, and remediating identified control deficiencies in a timely manner.
• Maintain an inventory listing of all in-scope systems and partner with various business units upon introduction of new partners, subsidiaries, acquisitions, systems, or other factors that may result in modification to our IT structure.
• Partner with system owners to perform regular User Access Reviews (UARs) to ensure that personnel have the appropriate level of access based on their job role.
• Perform ad-hoc operational, regulatory, and IT advisory projects as necessary.
• Identify and communicate opportunities for risk reduction and control process improvements to enhance overall efficiency.
• Ensure timeliness, quality, and effectiveness of IT controls by working closely with control owners – ensuring completeness and accuracy of controls.
• Support key reports and business process controls as identified across key applications and provide objective evidence of IT change controls
• Proactively communicate control deadlines and readiness steps to ensure successful control testing execution.
• Conduct walkthrough of controls with external auditors

Qualifications & Requirements

• Bachelor’s degree in Information Technology, Accounting, Finance, Computer Science, or a related field.
• Minimum of 7 years of experience in internal or external IT auditing, preferably within SAP S/4HANA environments or Big 4 accounting firms.
• Strong knowledge of IT SOX compliance, IT controls, and regulatory requirements.
• Experience evaluating security and controls across on-premise, homegrown, and cloud-based technologies.
• Proven leadership skills with the ability to influence stakeholders and drive results.
• Excellent communication and facilitation skills, with the ability to translate complex IT control concepts for business and IT teams.
• A proactive problem-solver who can identify risks, implement solutions, and drive continuous improvement.
• A self-starter who takes initiative and ensures accountability across teams.
• Professional certifications such as CISA, CISSP, CIA, or CPA (preferred but not required).