Manager, IT Risk and Controls
About the Team The IT Risk & Controls function sits within the Finance Risk Management (FRM) team and plays a critical role in designing secure, compliant, and scalable systems that support our mission. Our team is responsible for implementing and governing IT General Controls (ITGC) and automated application controls (ITAC) that underpin the integrity of financial reporting.
Our work spans access and change management, segregation of duties, system configuration, and integration oversight. We partner closely with Engineering, Security, and Compliance to ensure financial systems are compliant, resilient, and automation-ready.
FRM, as the broader function, leads OpenAI’s financial risk posture—spanning governance over internal controls, third-party risk, audit readiness, and financial systems oversight. Together, we provide the foundation of trust that enables OpenAI to operate at global scale.
About the Role We’re seeking an experienced, execution-focused Manager to help build a world-class IT controls environment supporting finance-critical systems. In this role, you’ll lead the design, assessment, and readiness of controls, evaluate risk across systems and integrations, and ensure that our control environment is rigorous, scalable, and aligned with business growth.
You’ll work closely with Engineering, Security, and Finance teams to embed proactive, technology-driven control solutions into our operations
What You’ll Do
- Own IT SOX readiness for finance and HR-related systems, and other systems impacting financial reporting.
- Design and improve controls across end-to-end, system-driven processes such as revenue workflows, financial close, payroll, equity administration, procurement intake/approvals, and HR/Finance integrations.
- Partner closely with Finance, Accounting, HR, Engineering, Security
- system owners to make sure system logic, automations, integrations, roles, workflows
- configurations support accurate and reliable financial reporting.
- Evaluate Oracle Fusion access, role design, segregation of duties, privileged access, provisioning/deprovisioning, quarterly access reviews, audit logging, and key finance configurations.
- Assess Oracle Fusion change and configuration governance, including setup changes, approval workflows, flexfields, scheduled jobs, integrations, custom reports, and release/update impacts..
- Support audit readiness end-to-end: walkthroughs, documentation, evidence standards, PBC coordination, and auditor Q&A.
- Drive smarter ways of working by improving control automation, standardization, and continuous monitoring across Oracle Fusion and connected finance, HR, and procurement systems.
- Act as the day-to-day point of contact for external auditors on IT risk, ITGCs, automated controls What we’re looking for: Bachelor’s or Master’s degree in Accounting, Finance, Business Administration, Information Systems
- equivalent experience. 5+ years of experience in IT audit, SOX, internal controls
- risk management, with hands-on exposure to financial reporting systems.
- Strong hands-on Oracle Fusion Cloud ERP experience, especially in an ITGC, SOX, IT audit, or controls capacity.
- Experience designing and testing ITGCs for Oracle Fusion, including user access, role provisioning, privileged access, segregation of duties, change/configuration management, job monitoring, and availability controls.
- Experience with Oracle Fusion Financials controls across areas such as general ledger, procure-to-pay accounting impacts, order-to-cash/revenue, financial close, reporting, integrations, and key configurations.
- Familiarity with Workday controls related to HR master data, payroll inputs/outputs, role-based access, integrations, and downstream finance impacts.
- Familiarity with Zip or similar procurement intake/workflow platforms, including approval workflows, access controls, vendor/request data, and integrations with ERP or finance systems.
- Strong experience designing and testing automated and application controls across modern cloud-based ERP and third-party finance platforms.
- Understanding of Oracle Fusion security concepts, including roles, privileges, data access, Security Console, audit reports/logs, and access review evidence.
- Practical experience reviewing SOC 1 reports, understanding control coverage, identifying gaps/CUECs, and advising teams on how to operationalize SOC reliance.
- Solid understanding of downstream finance processes, including financial close, payroll, equity administration, procurement, and system-driven accounting workflows.
- Comfortable operating in a startup or high-growth environment, able to balance speed, risk, and control maturity.
- Clear communicator who can translate Oracle, audit, and risk concepts into actionable guidance for non-audit partners.
- Strong organizational and project management skills, with the ability to juggle multiple initiatives and stakeholders
Nice To Have
- Background in Big 4 IT audit, SOX advisory, or internal audit.
- Certifications such as CISA, CPA, CIA, or Oracle Cloud certifications.
- Experience with Oracle Risk Management Cloud, Oracle Advanced Controls, or similar access/SOD monitoring tools.
- Experience with Oracle Fusion integrations, OTBI, BI Publisher, FBDI, APIs, OIC, or other reporting/integration mechanisms used for audit evidence.
- Experience building scalable evidence standards, including IPE completeness and accuracy for Oracle Fusion, Workday, Zip, and other key reports.
- Exposure to control automation or continuous monitoring initiatives across Oracle Fusion and connected finance, HR, and procurement systems.
- Workplace & Location This is a full-time position based in our San Francisco headquarters.
- We operate in a hybrid work model, combining in-office collaboration with flexibility for remote work, depending on business needs and team schedules.
- About OpenAI OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity.
- We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products.
- AI is an extremely powerful tool that must be created with safety and human needs at its core
- to achieve our mission, we must encompass and value the many different perspectives, voices
- experiences that form the full spectrum of humanity.
- We are an equal opportunity employer
- we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information
- other applicable legally protected characteristic.
- For additional information, please see OpenAI’s Affirmative Action and Equal Employment Opportunity Policy Statement .
- Background checks for applicants will be administered in accordance with applicable law
- qualified applicants with arrest or conviction records will be considered for employment consistent with those laws, including the San Francisco Fair Chance Ordinance, the Los Angeles County Fair Chance Ordinance for Employers
- the California Fair Chance Act, for US-based candidates.
- For unincorporated Los Angeles County workers: we reasonably believe that criminal history may have a direct, adverse and negative relationship with the following job duties, potentially resulting in the withdrawal of a conditional offer of employment: protect computer hardware entrusted to you from theft, loss or damage
- return all computer hardware in your possession (including the data contained therein) upon termination of employment or end of assignment
- and maintain the confidentiality of proprietary, confidential, and non-public information.
- In addition, job duties require access to secure and protected information technology systems and related data security obligations.
- To notify OpenAI that you believe this job posting is non-compliant, please submit a report through this form .
- No response will be provided to inquiries unrelated to job posting compliance.
- We are committed to providing reasonable accommodations to applicants with disabilities, and requests can be made via this link .
- OpenAI Global Applicant Privacy Policy At OpenAI, we believe artificial intelligence has the potential to help people solve immense global challenges, and we want the upside of AI to be widely shared.
- Join us in shaping the future of technology.