We’re looking for a SOX Compliance Analyst to join Procore’s Governance, Risk & Compliance team. In this role, you’ll contribute to the governance and oversight of IT controls that support our global financial systems. Your primary goal is to ensure the integrity of our financial reporting by maintaining effective and audit-ready ITGC and ITAC environments.

As a SOX Compliance Analyst, you’ll partner with Engineering, IT, and Finance teams to define scope, coordinate walkthroughs, and remediate control gaps. Use your technical auditing skills, risk mindset, and project management abilities to safeguard Procore’s compliance posture as we scale. Join us in building a world-class compliance function—Apply today!

This position reports into the Manager, GRC - SOX and will be based in our Austin, TX office. We’re looking for someone to join us immediately.

What you’ll do:  

• Provide oversight and guidance to management for existing or newly acquired systems coming into SOX scope by validating the design and implementation of IT General Controls to ensure controls are risk-aligned and audit-ready.
• Participate in the design and implementation assessment of IT Application Controls (ITACs), such as automated three-way matches, configurations, and system-generated reports (IPE), providing guidance to management on reliance criteria and control design to support consistent implementation and efficient auditor reliance.
• Facilitate external audit requests by acting as a liaison between control owners and the external audit firm.
• Perform root cause, exposure, and lookback analyses for identified control deficiencies and partner with stakeholders on remediation plans.
• Monitor the implementation of new systems to identify SOX impact and define new control requirements.
• Update and maintain the GRC platform to ensure real-time visibility into compliance status.
• Contribute to the SOX risk assessment and scoping exercise to ensure high-risk areas are prioritized as the business evolves.

What we’re looking for:

• Bachelor’s degree in Accounting, Information Systems, or a related field, or equivalent experience.
• 3-5 years of experience in IT Audit, SOX compliance, or internal controls; CISA, CIA or CISSP preferred.
• Strong understanding of the COSO 2013 and COBIT frameworks.
• Experience testing Enterprise-level SaaS systems (e.g., NetSuite, Workday, Salesforce).
• Exceptional documentation skills and attention to detail.
• Proven ability to influence stakeholders without direct authority and explain complex compliance requirements to non-technical teams.
• Demonstrated experience auditing payment systems is a plus
   

Additional Information

Base Pay Range:

For Los Angeles County (unincorporated) Candidates:

Procore will consider for employment all qualified applicants, including those with arrest or conviction records, in accordance with the requirements of applicable federal, state, and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act.

A criminal history may have a direct, adverse, and negative relationship on the following job duties, potentially resulting in the withdrawal of the conditional offer of employment: 1. appropriately managing, accessing, and handling confidential information including proprietary and trade secret information, as well as accessing Procore's information technology systems and platforms; 2. interacting with and occasionally having unsupervised contact with internal/external customers, stakeholders, and/or colleagues; and 3. exercising sound judgment.