Job ID R-28217
Job Description Summary
The Senior IT Auditor position is responsible for performing risk based audits of the organization’s technology operations and security. Responsibilities include planning, fieldwork execution and audit observation development. Audit planning requires the scoping of audits by identifying key risks and controls to be assessed. Fieldwork is conducted to gain an understanding of processes and controls via walk-throughs, interviews, documentation review and testing to validate the effectiveness of controls. The Senior ITAuditor is expected to identify control weaknesses and operational improvements, which are documented and incorporated into an auditreport.
Successful candidates need to demonstrate strong verbal and written communication skills, must be willing to lead and be led by peers, as well as be capable of establishing and maintaining good working relationships with the location and team associates. The position offers excellent opportunities to enhance an associate’s understanding of BD’s global business operations in addition to enhanced exposure to senior management.
- Lead audit teams and participate as a team member to evaluate the design and the operating effectiveness of Information Technology Application and General Controls at BD sites globally.
- Obtain an understanding of business and IT areas under review and the risks associated with those areas in order to develop a risk based audit approach.
- Work closely with IT and financialaudit managers in developing a project risk assessment in addition to scoping audit activities.
- Contribute innovative ideas in an effort to continuously improve the audit methodology and audit procedures.
- Execute fieldwork by interviewing management and performing testing to validate controls.
- Document the execution of specific audit procedures as defined by the engagement objectives and planned audit approach.
- Review work paper quality and validate they follow internal audit procedures.
- Lead and collaborate on the preparation of auditreports. This includes developing audit observations and recommendations that fairly present issues and are written in a clear and concise manner.
- Work with management to develop corrective actions for identified audit observations.
- Approximately 20 to 30% travel is associated with this position to domestic and international locations.
- Bachelor's degreerequired, Information Systems or Computer Science preferred. Additional degrees or exposure to accounting and/or business courses a plus.
- A minimum of 3 years ITAudit professional experience in a corporate environment required. Will consider 5+ years’ experience in information security, IT compliance, IT operational roles. Big 4 firm preferred.
- Knowledge of general IT processes (e.g., change management, backup and recovery, security administration, computer operations) is required.
- Must be able to and willing to travel up to 25% worldwide (2-weeks at a time) required.
- Interest in internal controls and information security and willing to pursue professional certifications such as Certified Information Systems Auditor (CISA), and/or Certified Information Security Professional (CISSP), and Certified Internal Auditor (CIA).
- Technical knowledge in UNIX, Windows, Qlikview or any Data Visualization Tool), Oracle, SQLServer, SAP ECC 6.0 is preferred.
- Strong understanding of networkinfrastructure devices and capabilities including routers, firewalls, intrusion detection/prevention systems and wireless technology.
- Experience with ERP systems such as SAP (ECC 6.0, GRC Access Control is a plus and JDE preferred).
- Experience with audit tools such as TeamMate, Audit Command Language (ACL) Audit Exchange and SharePoint is preferred.
- Proficiency with MS Office tools (Excel, Word, PowerPoint, Outlook, etc.).
- Strong project management skills.
- Self-motivated individual with ability to operate independently.
- Proven ability to work in a cross-functional and diverse team environment, across different functions and levels of management, and demonstrated sensitivity to cultural and geographical differences when interacting with others, including international.
- Superior communications skills and command of the English language, both written and spoken.
- Strong critical thinking and analytical skills.
- Strong research capabilities to quickly understand technologies and be able to develop audit programs.
- The ability to multitask while maintaining efficiency.