What you'd actually do

Own the end-to-end IT SOX compliance program within the CIO organization, maintaining the IT control inventory spanning ITGCs, IT-dependent controls, and automated application controls

Own the control design and documentation, including narratives and risk and control matrices (RCMs), ensuring controls are clearly defined and audit-ready

Partner with IT, Accounting (where needed), and the SOX team to ensure new systems and modules are implemented with appropriate SDLC controls in place prior to go-live; review control designs to identify and mitigate SOX risks

On an ongoing basis, partner with IT process owners and control operators to ensure controls are executed in a timely manner

Review control evidence for quality and completeness before submission to auditors

Skills

Required

8+ years of experience in IT audit, IT risk, IT compliance, or a related field
Hands-on IT SOX experience
Deep familiarity with IT General Controls (ITGCs) — access management, change management, SDLC, and computer operations
Strong understanding of PCAOB auditing standards, COSO framework, and COBIT
Demonstrated ability to manage multiple workstreams, deadlines, and stakeholders
Experience with GRC platforms (e.g., AuditBoard, ServiceNow GRC, Workiva, or similar)

Nice to have

CISA, CISSP, CISM, or CPA certification
Experience in a hyperscaler, cloud infrastructure, or high-growth tech environment
Proven ability to establish or scale SOX IT compliance programs at newly public or pre-IPO companies

CoreWeave is The Essential Cloud for AI™. Built for pioneers by pioneers, CoreWeave delivers a platform of technology, tools, and teams that enables innovators to build and scale AI with confidence. Trusted by leading AI labs, startups, and global enterprises, CoreWeave combines superior infrastructure performance with deep technical expertise to accelerate breakthroughs and turn compute into capability. Founded in 2017, CoreWeave became a publicly traded company (Nasdaq: CRWV) in March 2025. Learn more at www.coreweave.com.

What You’ll Do:

CoreWeave is building the infrastructure that powers the next era of AI — and doing it at a pace and scale that demands operational excellence across every function. As we scale toward and beyond public company readiness, the CIO organization is responsible for owning the execution of IT General Controls (ITGCs) and IT application controls across our technology environment.

About the role: This is not a traditional audit-support role. As the Senior Product Manager, IT SOX Compliance, you will translate SOX compliance requirements into structured programs, drive accountability across IT process owners, and build the systems and workflows that make compliance scalable. You will work closely with the SOX team and IT process owners to ensure controls are designed, reviewed, and evidenced effectively. The day-to-day includes owning the IT SOX compliance program, partnering with cross-functional teams, and ensuring controls are executed, documented, and audit-ready.

Own the end-to-end IT SOX compliance program within the CIO organization, maintaining the IT control inventory spanning ITGCs, IT-dependent controls, and automated application controls
Own the control design and documentation, including narratives and risk and control matrices (RCMs), ensuring controls are clearly defined and audit-ready
Partner with IT, Accounting (where needed), and the SOX team to ensure new systems and modules are implemented with appropriate SDLC controls in place prior to go-live; review control designs to identify and mitigate SOX risks
On an ongoing basis, partner with IT process owners and control operators to ensure controls are executed in a timely manner
Review control evidence for quality and completeness before submission to auditors
Manage the full deficiency lifecycle — from root cause analysis through remediation planning, retesting, and escalation — reporting control health to IT leadership and the SOX team
Lead root cause analysis for control failures and incidents, track and resolve systemic gaps, and implement and validate remediation plans to prevent recurrence

Who You Are:

8+ years of experience in IT audit, IT risk, IT compliance, or a related field, with hands-on IT SOX experience in either a practitioner or oversight capacity
Deep familiarity with IT General Controls (ITGCs) — access management, change management, SDLC, and computer operations — and how they map to financial reporting risk
Experience with Workday, Salesforce, NetSuite/SAP, Coupa, and other enterprise business systems
Strong understanding of PCAOB auditing standards, COSO framework, and COBIT as they apply to IT controls
Demonstrated ability to manage multiple workstreams, deadlines, and stakeholders across engineering, finance, legal, and audit
Experience with GRC platforms (e.g., AuditBoard, ServiceNow GRC, Workiva, or similar)

Preferred:

CISA, CISSP, CISM, or CPA certification
Experience in a hyperscaler, cloud infrastructure, or high-growth tech environment
Proven ability to establish or scale SOX IT compliance programs at newly public or pre-IPO companies

Wondering if you’re a good fit? We believe in investing in our people, and value candidates who can bring their own diversified experiences to our teams – even if you aren't a 100% skill or experience match. Here are a few qualities we’ve found compatible with our team. If some of this describes you, we’d love to talk.

You love translating SOX compliance requirements into structured, scalable programs
You’re curious about improving control design, execution, and compliance workflows
You’re an expert in IT SOX compliance, ITGCs, and control lifecycle management

Why CoreWeave? At CoreWeave, we work hard, have fun, and move fast! We’re in an exciting stage of hyper-growth that you will not want to miss out on. We’re not afraid of a little chaos, and we’re constantly learning. Our team cares deeply about how we build our product and how we work together, which is represented through our core values:

Be Curious at Your Core Act Like an Owner Empower Employees Deliver Best-in-Class Client Experiences Achieve More Together

We support and encourage an entrepreneurial outlook and independent thinking. We foster an environment that encourages collaboration and enables the development of innovative solutions to complex problems. As we get set for takeoff, the organization's growth opportunities are constantly expanding. You will be surrounded by some of the best talent in the industry, who will want to learn from you, too. Come join us!

The base salary range for this role is $165,000 to $242,000. The starting salary will be determined based on job-related knowledge, skills, experience, and market location. We strive for both market alignment and internal equity when determining compensation. In addition to base salary, our total rewards package includes a discretionary bonus, equity awards, and a comprehensive benefits program (all based on eligibility).

What We Offer

The range we’ve posted represents the typical compensation range for this role. To determine actual compensation, we review the market rate for each candidate which can include a variety of factors. These include qualifications, experience, interview performance, and location.

In addition to a competitive salary, we offer a variety of benefits to support your needs, including:

Medical, dental, and vision insurance - 100% paid for by CoreWeave
Company-paid Life Insurance
Voluntary supplemental life insurance
Short and long-term disability insurance
Flexible Spending Account
Health Savings Account
Tuition Reimbursement
Ability to Participate in Employee Stock Purchase Program (ESPP)
Mental Wellness Benefits through Spring Health
Family-Forming support provided by Carrot
Paid Parental Leave
Flexible, full-service childcare support with Kinside
401(k) with a generous employer match
Flexible PTO
Catered lunch each day in our office and data center locations
A casual work environment
A work culture focused on innovative disruption

Our Workplace

While we prioritize a hybrid work environment, remote work may be considered for candidates located more than 30 miles from an office, based on role requirements for specialized skill sets. New hires will be invited to attend onboarding at one of our hubs within their first month. Teams also gather quarterly to support collaboration.

California Consumer Privacy Act- California applicants only

CoreWeave is an equal opportunity employer, committed to fostering an inclusive and supportive workplace. All qualified applicants and candidates will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information.

As part of this commitment and consistent with the _Americans with Disabilities Act (ADA)_, CoreWeave will ensure that qualified applicants and candidates with disabilities are provided reasonable accommodations for the hiring process, unless such accommodation would cause an undue hardship. If reasonable accommodation is needed, please contact: careers@coreweave.com.

Export Control Compliance

This position requires access to export controlled information. To conform to U.S. Government export regulations applicable to that information, applicant must either be (A) a U.S. person, defined as a (i) U.S. citizen or national, (ii) U.S. lawful permanent resident (green card holder), (iii) refugee under 8 U.S.C. § 1157, or (iv) asylee under 8 U.S.C. § 1158, (B) eligible to access the export controlled information without a required export authorization, or (C) eligible and reasonably likely to obtain the required export authorization from the applicable U.S. government agency. CoreWeave may, for legitimate business reasons, decline to pursue any export licensing process.