Executive Director, Internal Audit - Information Technology - (17004454)
Supports the SVP, Internal Audit in the execution of the Internal Audit charter and in leading the overall IT audit function to ensure compliance with SOX and COBIT requirements. Responsible for planning, performing, and executing risk-based IT audit, assurance, and advisory activities and managing large, complex, and highly visible engagements. A key leader within the Internal Audit team, this role provides the Internal Audit IT organization with strategic direction in the establishment of risk-based IT auditing and reporting methodologies, organization design, and effective positioning of the function to ensure provision of independent assurance and consulting services consistent and aligned with companys business objectives. Adept at balancing the dual role of objective assurance provider and consultative business partner who can develop solid working relationships with senior management and stakeholders and lead other Internal Audit team members. Manages a team with a co-source provider and internal staff.
1. Line management responsibilities for staff members: For direct and indirect reports, may participate and direct activities related to department staff operations such as interviewing and selection, professional development, performance management, and employee counseling and separations. Approves courses of action on salary administration, interviewing and selection, terminations, professional development, performance appraisals, job description preparation, and employee counseling. Works with and advises staff on administrative policies and procedures, technical problems, priorities and methods.
2. Prepares annual IT Risk Assessment as part of the Internal Audit overall annual plan used in defining the scope for the annual SOX IT General Controls review as well as defining additional IT and operational audits to be performed during the year.
3. Works with IT Process Owners to identify/improve and document detailed controls and test procedures for key application, security and infrastructure components.
4. Designs, plans, prepares and executes organization-wide IT audit plans and SOX IT control testing (including IT General Controls such as change management, user access/security, and computer operations as well as controls over key reports & spreadsheets).
5. Works effectively across all levels of management including coordinating with external auditors to ensure audit reliance strategy and integrated audit support.
6. Responsible for managing assigned budget.
7. Partners with all levels of IT management, Internal and External Audit to ensure audits and SOX testing are conducted in a cooperative, timely and efficient manner with value added recommendations being provided to management to strengthen controls where applicable.
8. Structures and manages both internal team and external (co-source) resources to maximize effectiveness, impact and efficiency.
9. Routinely summarizes and communicates to the effected control owners and IT management, control weaknesses identified during testing. Shares any insight into operations or suggestions for corrective actions and improvements that drive increased efficiency and mitigate risk.
10. Partners with IT teams on optimizing business processes by evaluating the application controls of systems that support the business process under review, and developing computer assisted audit techniques (CAATs) to test controls.
11. Oversees the assigned deliverables and continually reviews workload for team members, aligning projects to meet the Companys strategic needs.
12. Helps guide remediation efforts to closure, and advise on control requirements for new systems or process design.
13. Researches and stays current on new technical literature applicable to the internal control process (e.g., PCAOB guidance, SEC, etc.), emerging trends and standard methodologies. Informs management of emerging trends and best practices in IT governance, risk and compliance.
14. Performs quality review of work products performed by internal staff and co-source provider to ensure testing work papers meet the requirements consistently across all areas (including IT General Controls).
15. Assists with the expansion of Internal Audit services beyond SOX compliance; promote expertise, new ideas, and new ways of realizing projects and infrastructure enhancement to guide continuous improvement in the delivery of internal audit services.
16. Participates in and advises on initiatives in areas like enterprise risk management, cybersecurity, business continuity planning and disaster recovery, physical security, data analytics, and data privacy.
17. Other assignments or special projects as requested by management.
Performs other work-related duties as assigned. Minimal travel may be required (up to 25%). Discharge responsibilities in a manner that is consistent with The Institute of Internal Auditors Code of Ethics, International Standards for the Professional Practice of Internal Auditing and Statement of Responsibilities.
Bachelors Degree or equivalent in Information Systems, Accounting, Finance, Business, or related field or equivalent combination of experience and education. Extensive experience in IT audit, technology risk and compliance or other related roles (general technology controls, application, and pre/post implementation system development reviews) within a public accounting, and/or internal audit function.
Professional Certification is preferred (CISA, CISSP, CPA, or equivalent). Understanding and working knowledge of major professional audit frameworks and standards such as IIA, COBIT, NIST, SOX, etc. including working technical knowledge of US GAAP, SEC reporting requirements, COSO, SOX requirements, including PCAOB Auditing Standard No. 5 and latest pronouncements, IIA standards and audit processes and procedures. Experience with internal controls evaluation, ITGCC, and SOX 404 requirements including all phases of planning, evaluation, documentation, testing and remediation. Auditing knowledge of: Oracle e-Business Suite; SQL and Oracle Database security; Windows Operating System and Active Directory Security including Users and Groups, Group Policy, Domain Structures; UNIX / Linux Operating System Security, including Users and Groups, System Configurations, File Permissions, Privileged Accounts, Password Controls. Demonstrated proficiency of technology auditing control disciplines (security, application development, change management, or operations). Self-starter, able to think analytically, communicates complex issues, and develops control recommendations. Must have excellent verbal, written and presentation skills with the ability to present control analysis and recommendations (both technical and non-technical) with clarity and professionalism. Experience with using ACL or other data analytics tools (a plus). Proficient in Microsoft Office suite. Proven abilities in taking responsibility for executing concurrently on a portfolio of high quality deliverables according to strict timetables. Effective negotiation skills, a proactive and 'no surprises' approach in communicating issues and strength in sustaining independent views. Articulate and effective communicator, both orally and in writing, with an energetic, charismatic and approachable style.
: North America - US, Raleigh 3201, NC
: Yes, 25 % of the Time
Why Syneos Health? Join a game-changing global company that is reinventing the way therapies are developed and commercialized. Created through the merger of two industry leading companies - INC Research and inVentiv Health - we bring together more than 21,000 clinical and commercial minds to create better, smarter, faster ways to get biopharmaceutical therapies to patients. Teaming with some of the most talented professionals in the industry, you'll gain exposure and work in a dynamic environment where you'll be supported with comprehensive resources including emerging technologies, data, science and knowledge sharing. Grow your career with a global company committed to shortening the distance from lab to life. For information please visit https://www.syneoshealth.com/
Job Id #: 17004454View All Jobs