Applications will be accepted until 07/01/2026.
Description
Job Title: Director, Technology Risk and Controls (Revenue Ecosystem)
About the Role
Salesforce is seeking a Director, Technology Risk and Controls to join our Digital Enterprise Technology (DET) organization. As a senior leader within the Technology Risk and Controls team, you will build and lead a team of SOX IT subject matter experts serving as the second line of defense for DET's Revenue technology ecosystem. Your team will be the connective tissue between Revenue-supporting engineering teams, Finance SOX partners, and external auditors — ensuring control execution, audit readiness, and a transparent risk posture across the Quote-to-Cash lifecycle.
This is a high-visibility, high-impact role at the intersection of financial compliance, technology risk, and operational transformation. You will shape the strategic direction of SOX IT compliance for systems that directly underpin Salesforce's revenue engine, while building the team and processes that will define how the organization defends its control environment for years to come.
Your Impact — Responsibilities
- Team Leadership: Build, scale, and develop a high-performing team of SOX IT subject matter experts, providing strategic direction for the second line of defense within the Revenue technology ecosystem. Foster a culture of accountability, continuous improvement, and technical excellence.
- Audit Partnership: Serve as the primary SOX IT audit liaison between DET Revenue technology teams, business process second line functions, and audit stakeholders. Align on risk methodologies, project timelines, and integrated compliance strategies to ensure seamless audit execution.
- Control Readiness: Partner closely with Revenue-supporting SOX teams on audit readiness for Quote-to-Cash projects, including performing walkthroughs to determine system scoping, guiding control implementation, and ensuring project documentation meets internal standards.
- Operational Efficiency: Identify and drive opportunities to consolidate redundant controls and transition manual processes to automated testing, reducing audit effort and increasing the scalability of the compliance program.
- Executive Reporting: Deliver clear, data-driven reporting to DET leadership on the SOX IT control health of Revenue (Quote-to-Cash) supporting systems, surfacing risks proactively and advocating for program enhancements.
Minimum Qualifications
- Education: Bachelor's degree in Information Systems, Accounting, Computer Science, or a related field, or equivalent professional work experience.
- Experience: 12+ years of experience in technology risk and controls, with 7+ years of direct experience leading a SOX IT controls team in a second line capacity.
- Revenue Cycle System Expertise: Deep subject matter expertise in Revenue Cycle (Quote-to-Cash) systems, including the design and oversight of ITGCs and automated application controls; proven track record leading IT SOX readiness for new system implementations and ensuring SDLC compliance for all in-scope financial reporting projects.
- SOX Program Leadership: Extensive experience managing large-scale SOX compliance programs and a proven track record of successfully defending control environments to external auditors.
- Communication: Strong ability to convey complex financial compliance and technology risk concepts to non-technical stakeholders at all levels, including executive leadership.
- People Leadership: Proven ability to build, mentor, and inspire high-performing teams, with demonstrated success influencing stakeholders across Technology, Finance, and Audit.
Preferred Qualifications
- Proven track record in control rationalization and automation within Quote-to-Cash, Commissions, or Billing lifecycles to measurably reduce manual audit effort.
- Hands-on experience leveraging enterprise GRC platforms (e.g., AuditBoard, ServiceNow GRC) to centralize risk oversight and streamline the audit lifecycle.
- Experience building and maturing second line compliance or audit functions from the ground up.
- Functional familiarity with Salesforce architecture and platform capabilities as they relate to financial controls.
- Advanced professional certifications: CISA, CRISC, and/or CISSP strongly preferred.
For roles in San Francisco and Los Angeles: Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.