PURPOSE AND SCOPE: The IT Audit Senior (IT-AS) supports the performance of IT audits as a member of the Global Internal Audit team. The IT-AS will primarily be responsible for helping to develop, manage and execute the global information system (IS) section of the GIA annual Audit Plan. This further includes the development and maintenance of IT related audit programs and the coordination with other IT departments within global FME. In addition, the IT-AS participates in integrated IT audits supporting financial and operational audits. Furthermore, this position should develop data analytic strategies and support the team in advanced analysis.
PRINCIPAL DUTIES AND RESPONSIBILITIES: Identifies and evaluates FME's IT risk areas and provides key input to the development of the annual global Audit Plan;Plans and executes global IT audits to identify opportunities where enhancements to internal controls can be cost-effectively achieved to meet business needs in the areas of IT infrastructure, systems and applications, security, operations and processes;Performs audit work, risk and control assessments to evaluate risk, determine control objectives and verify the extent to which control techniques meet business objectives at FME locations around the globe;Performs audit procedures to obtain sufficient evidence to support audit observations;Reviews access to applications and systems for appropriateness;Follows up on audit observations and initiates the entire process until implementation evidence is obtained;Maintains certain audit programs and GIA standards;Provides support to the internal audit team through extraction of data from applications/databases under audit and performs data analytics inquiries;Assists with maintaining the audit tool and supports the selection of a new audit tool in the near future;Maintains dedicated Knowledge Clusters in the GIA Knowledge database related to IT risks;Participates as a knowledge resource for other GIA colleagues in matters related to IT (also for internal audit tools) and general systems and controls;Develops and maintains outstanding relationships with IT and business stakeholders through open and frequent communication;Pursues professional development opportunities, including external and internal training and professional association memberships;Other duties as assigned.PHYSICAL DEMANDS AND WORKING CONDITIONS: The physical demands and work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.This position requires the ability to travel both domestically and internationally to FME locations.Travel will range up to 10-15% annually.EDUCATION: Bachelor's Degree required; Advanced Degree desirable.EXPERIENCE AND REQUIRED SKILLS: 3–5 years of work experience in IT audit or business audit/accounting; IT audit experience in healthcare preferred.Must have a CISA or be prepared to take the CISA exam within 1 year.Experience in network security and distributed system environments (firewalls, network design, Mainframe, Databases, mobile applications, and JAVA-based web services).Good SAP knowledge and experience in SAP IT audits in accordance with international standards are preferred.Ability to transfer IT language and knowledge into business language.Knowledge of IT industry standards such as ISO27001, COBIT, and ITIL.Knowledge of global data protection and security laws.Ability to work independently and to plan and execute projects with minimum supervision under given deadlines.Strong analytical, written communication, interpersonal, organizational skills, and ability to work with senior level management in an independent manner.Fluent in English speaking and writing; a second European language is preferred (German, Spanish, etc.).Detail-oriented, deadline-oriented, and ability to multi-task.
#J-18808-Ljbffr