Director of AI SOX Governance (REMOTE in UK)

For 75 years, Charles River employees have worked to advance the discovery, development, and safe manufacture of new drug therapies, making a profound impact on global health. Our 20-year partnership with Boston Children’s Hospital takes this mission to the next level, supporting groundbreaking innovations that directly impact patient care. At Boston Children’s, their commitment to diversity drives the exceptional quality of care provided to patients from local communities to over 160 countries worldwide. This is your moment to become part of a family where unique talents and perspectives unite to change lives, including your own. Together, we’re shaping a healthier future through compassion, innovation, and opportunity.

Job Overview

The Director of AI SOX Governance is responsible for managing required SOX responsibilities of the department focusing on technology initiatives which drive change to the control environment to ensure ongoing regulatory compliance. The role will also help establish and manage the internal control framework supporting AI-enabled processes, third-party outsourcing, and enterprise transformation initiatives. This role plays a critical part in ensuring compliance with Sarbanes-Oxley (SOX) by building the governance structures, risk frameworks, and control mechanisms required for emerging technologies and vendor-managed environments and then executing and sustaining those controls within the SOX program. The position requires cross collaboration with finance, technology, and risk, partnering closely with business process owners, IT, data teams, and third-party providers to ensure that innovation is implemented in a controlled, auditable, and compliant.

Job Description

• Ensure Ongoing SOX Compliance – Drive assessment and risk mitigation of key changes to the control environment and ensure SOX compliance. Support existing internal controls process to assess CRL technology initiatives for SOX impact and implementation of required changes to the control environment. Support SOX UK requirements to meet critical SOX deadlines.
• Framework Development - Design and implement an AI SOX governance framework aligned to the COSO Internal Control Framework. Develop a structured AI risk taxonomy, including risks related to data completeness and accuracy, model outputs and reliability, over-reliance and explainability. Establish control design standards for AI-enabled processes, including human-in-the-loop review controls, validation thresholds, and exception handling.
• Vendor & Outsourcing Controls - Design a third-party SOX controls framework for environments where SOC 1 reliance is limited or unavailable. Define and implement Complementary User Entity Controls (CUECs) and internal monitoring controls. Establish control expectations for outsourced operations, including segregation of duties, access and security, data transfer, and integrity. Develop governance processes to monitor vendor performance and control effectiveness.
• Control Implementation - Perform risk assessments for AI-enabled and outsourced processes. Design and implement manual and automated controls to mitigate identified risks. Partner with cross-functional stakeholders (Finance, IT, Data, Vendors) to ensure controls are embedded into processes. Support go-live readiness for AI and transformation initiatives by validating control design and execution.
• Control Monitoring & SOX Integration - Establish and execute ongoing monitoring activities for AI systems and vendor-managed processes. Perform or oversee control testing procedures, including validation of AI outputs and data integrity. Identify, track, and remediate control deficiencies, including root cause analysis and corrective actions. Integrate new controls into the broader SOX compliance program, including quarterly certifications and audit support.
• Governance & Stakeholder Engagement - Support governance leadership reporting related to AI, vendor, and transformation risks. Collaborate with internal audit, external auditors and controllership and finance leadership. Communicate complex risks in a clear manner, linking operational risks to financial reporting impact.
• Continuous Improvement - Enhance and mature AI and vendor control frameworks. Identify opportunities to improve control efficiency and effectiveness. Stay informed on emerging risks, regulatory expectations, and leading practices related to AI and outsourcing.
• Team Development – Lead and develop a high-performance team. Responsible for leading and developing a high performing team through effective goal setting, performance management, and ongoing coaching; establishing clear, measurable objectives aligned to SOX and enterprise transformation initiatives; providing timely feedback; supporting employee development; and ensuring accountability for results.

Qualifications

• Education: Bachelor’s degree (B.A. /B.S.) or equivalent in accounting or related discipline. Masters degree in Business Administration or Finance preferred.
• Experience: 10+ years of experience in: SOX compliance, internal controls, audit (Big 4 + industry).
• Certification/Licensure: CPA highly preferred.
• Experience with: COSO Internal Control Framework, financial processes, risk/controls, ERP systems (SAP, S4 Hana, etc.), Data platforms (e.g., Azure-based environments).
• Exposure to: AI / automation / data analytics initiatives, Third-party outsourcing environments (limited training will be provided).
• Familiarity with: AI risk concepts (e.g., data quality, model risk, explainability), Vendor risk management frameworks.

Charles River is an equal opportunity employer and is committed to providing equal employment opportunities for all qualified applicants and employees without regard to race, color, sex, religion, national origin, ancestry, age, mental or physical disability, family status, pregnancy, military or veteran status, or any other characteristic protected by federal, state, or local laws.