US-MN-Arden Hills; US-MN-Maple Grove
About the role:
This role extends beyond the Cybersecurity team, emphasizing collaboration across IT and building strong relationships throughout Boston Scientific and its subsidiaries. The IT SOX Program Lead will manage SOX IT audits and work closely with Engineering, Finance, IT, and other key stakeholders to ensure compliance with SOX requirements.
Key Responsibilities:
- Lead IT SOX compliance efforts, encompassing IT General Computer Controls (ITGC), Segregation of Duties (SOD) controls, and application controls. Ensure processes meet regulatory standards and align with best practices for the medical device industry.
- Perform comprehensive control walkthroughs, producing high-quality documentation and conducting rigorous quality assurance across all IT SOX areas. Confirm control evidence meets criteria for accuracy, completeness, and precision.
- Offer specialized knowledge in evaluating, designing, and implementing ITGC and application control measures to strengthen organizational internal controls.
- Identify and resolve gaps in IT Automated/Application Controls (ITAC), working collaboratively with management to implement corrective actions and escalate significant issues to senior leadership when necessary.
- Support system upgrades, enhancements, and new deployments by ensuring that internal controls over financial reporting are seamlessly integrated into evolving processes and technology.
- Develop and execute audit plans targeting IT and technology-related risks, such as cybersecurity, privacy, and business continuity. Assess changes to products, systems, and processes for compliance and risk mitigation.
- Collaborate with business and IT stakeholders to analyze audit results, determine root causes, and implement actionable remediation plans while preserving objectivity and fostering positive relationships.
- Prepare clear and impactful audit reports, framing observations within the context of the medical device industry. Deliver practical recommendations and insights to enhance risk management and operational effectiveness.
- Apply advanced knowledge of security protocols, privacy frameworks, and agile methodologies to navigate and address emerging challenges in IT compliance.
Required Qualifications:
- Bachelor’s degree in technology, finance, accounting or IT-related discipline.
- 6+ years of professional experience in a similar role, preferably with a "Big 4" firm or equivalent.
- 6+ years of experience in SOX scoping, risk assessments, executive presentation preparation, staff supervision, and coordination with external auditors.
- 2+ years of experience with SOXHub, AuditBoard, or similar GRC platforms.
Preferred Qualifications:
- Certified Public Accountant (CPA), Certified Internal Auditor (CIA), or Certified Information Systems Auditor (CISA) preferred.
- Exceptional attention to detail and organizational skills to drive change and effectively prioritize deadlines.
- Strong analytical and problem-solving capabilities.
- Proven ability to collaborate with technical and business teams to deconstruct complex problems and develop actionable solutions through process improvements or innovative technologies.
Please be advised that certain US-based positions, including without limitation field sales and service positions that call on hospitals and/or health care centers, require acceptable proof of COVID-19 vaccination status. Candidates will be notified during the interview and selection process if the role(s) for which they have applied require proof of vaccination as a condition of employment. Boston Scientific continues to evaluate its policies and protocols regarding the COVID-19 vaccine and will comply with all applicable state and federal law and healthcare credentialing requirements. As employees of the Company, you will be expected to meet the ongoing requirements for your roles, including any new requirements, should the Company’s policies or protocols change with regard to COVID-19 vaccination.