The Associate Manager of IT Audit will support independent complex IT environment and operational audits and risk oversight activities including, but not limited to, implementation of strategic applications, network infrastructure, systems and data security, and outsourcing to third parties.
- Execute audits consistent with IIA standards and department audit methodology and policies.
- Manage timely completion of audit including communication of status to auditee and Manager/Director.
- Identify and document IT security, operational and process issues, internal control deficiencies, risks and opportunities for improvement.
- Assist in the review of processes and controls as defined in the Sarbanes-Oxley Act of 2002 including review of SOC1 reports and IT key controls.
- Reviewing the work performed by senior and staff IT auditors and ensuring feedback and opportunities for enhancements are timely provided to IT auditors; and managing the planning, execution and wrap-up of independent audits of IT processes and functions as authorized in the annual Internal Audit plan.
- Present the results of audit work to the Internal Audit leadership, including practical recommendations to address identified risks and/or weaknesses in internal controls as well as opportunities to enhance operational efficiencies.
- Ensure audit documentation is prepared and maintained for IT audits and other projects in accordance with industry highest quality standards and internal approved guidelines; and participate in strategic projects or investigations requested by the Audit Committee or Senior Management.
- Master’s degree in Information Technology or a related field and three years of pre- or post-master’s Information Technology and/or IT audit experience.
- Alternatively, employer will accept a bachelor’s degree in Information Technology or a related field and five years of Information Technology and/or IT audit experience.
- Big 4 audit and/or pharmaceutical industry experience is preferred.
- Program and database management systems, including SQL language, ERP systems (Oracle), Systems Development Life Cycle (SDLC) methodology, information security, infrastructure services, including operating systems, databases, network, and hardware.
- Experience with Sarbanes-Oxley compliance; and with Good Manufacturing Practices.
- CISA and/or CISSP preferred
- Up to 20% domestic and international travel is required.
- Knowledge of infrastructure and IT processes and controls (e.g., change management, backup and recovery, user access/security administration) is required
- Ability to independently think through problems and proactively propose solutions.
- Proficiency in Word, Excel and PowerPoint is required. Experience with analytical tools, Oracle financial applications, ACL, audit software is preferred.
Note: Qualified candidates will be contacted within 2 business days of application. If an applicant does not meet the above criteria, we will keep your resume on file for future opportunities and may contact you for further discussion.