IT SOX Program Manager

Atlas Energy Solutions Inc. (

NYSE:

AESI) is a leading solutions provider to the energy industry. Atlas' portfolio of offerings includes oilfield logistics, distributed power systems, and the largest proppant supply network in the Permian Basin. With a focus on leveraging technology, automation, and remote operations to enhance efficiencies, Atlas is centered around a core mission of improving human beings' access to hydrocarbons that power our lives and, by doing so, maximizing value creation for our shareholders. We're very excited about what we see in front of us, and we think you will be too - so come join our team and contribute to our growth! Position Overview Atlas Energy Solutions is seeking a highly organized, detail-oriented IT SOX Program Manager to support and mature our Sarbanes-Oxley (SOX) IT General Controls (ITGC) compliance program. This role will serve as a central point of coordination between the Technology team, external auditors, internal audit partners, and control owners across the organization. In addition to managing meetings, audit communications, and evidence collection, this individual will execute critical control operations — including access reviews, SOD monitoring, change management oversight, reconciliation processes, and deficiency remediation tracking — across all in-scope systems. The role also requires proactive collaboration with project managers, HR, and IT leadership to ensure a sustainable and audit-ready control environment. Key Responsibilities Audit Coordination & Communication Schedule and facilitate meetings between internal stakeholders and external/internal auditors Serve as the liaison between auditors and the technology team to triage and communicate audit requests Track and ensure timely responses to auditor inquiries and evidence submissions Evidence Management Collect, validate, and maintain control-related evidence (e.g., UARs, PARs, password configs, change records) Maintain a centralized audit evidence tracker with version control and status monitoring Access Control Operations Perform and document recurring User Access Reviews (UARs) and Privileged Access Reviews (PARs) Review password configurations, access provisioning, and deprovisioning practices for compliance Maintain and regularly update the Segregation of Duties (SOD) matrix, working with application owners to resolve conflicts Reconcile HRIS and IAM systems to validate timely access removal upon termination or role change Change Management Oversight Coordinate with application teams and project managers to ensure adherence to change management controls Review change tickets for approval, testing, and documentation completeness Support continuous improvement of change control workflows and artifacts Monitoring & Operational Controls Collaborate with Technology team members to monitor and validate system-level controls (e.g., backups, job monitoring, logging) Participate in walkthroughs or testing of infrastructure controls as needed Controls Management, Testing & Remediation Assist in drafting and maintaining control narratives and definitions for in-scope systems and tools Support and perform internal control testing in coordination with audit or compliance teams to validate control design and effectiveness Track and follow up on control deficiencies, audit findings, and remediation plans Coordinate with control owners to ensure timely closure and documentation of corrective actions Flexibility & Broader Compliance Support During periods of lower SOX activity, this role may contribute to other compliance initiatives, such as

ISO 27001, SOC

1/2, or similar certification efforts requiring IT participation Qualifications 3+ years of experience in IT compliance, SOX coordination, or audit support roles Understanding of

SOX ITGC

domains (access, change, operations) and internal control design Experience performing access reviews and reconciling control data across systems Familiarity with project management processes, access governance, and issue remediation tracking Excellent communication and organizational skills; able to work cross-functionally under deadlines Comfortable handling sensitive access or security information with discretion Preferred Qualifications Knowledge of frameworks such as

COBIT, NIST, ISO

27001, or SOC 1/2 Experience with GRC platforms (e.g., AuditBoard, Archer), IAM tools (e.g., Okta, Azure AD), or change management systems (e.g., Jira) Exposure to enterprise platforms (ERP, CRM, custom applications) and cloud environments (Azure)