Manager - IT Audit (Hybrid)

Biogen, Cambridge Massachusetts, US

Work at Biogen


Job DescriptionAbout the Role The IT Audit Manager will lead and help manage the most complicated and challenging IT and Cybersecurity internal audit projects or potentially multiple projects at the same time with supporting staff from beginning to end, identify risk areas, create, and complete test plans and the communicate results and recommendations to Management. Collaborate with and supervise other internal and external team members on various audits to ensure timely and thorough completion of their assigned responsibilities. Lead key Internal Audit technology initiatives around process improvement - including increased use of data analytics, process automation (RPA) etc.Responsibilities include:Assist Internal Audit leadership team in the risk assessment and annual audit plan development process.Develop, manage, and perform IT, cybersecurity, infrastructure, SDLC, regulatory, emerging technology audits.Ownership of engagements end-to-end including planning, fieldwork, and reporting; communicate directly with management at all levels to validate audit observations.Participate, as necessary, in senior executive level presentations on audit findings, potential remediation plans and other key management initiatives.Establishes effective business relationships within the company and assists management in the understanding of internal control principles and open remediation plans.Coordinate with InfoSec to investigate cybersecurity incidents, as neededResponsible for on-going mentoring, development of IA team members.Testing of ITGCs as part of SOX compliance program.Coordinate and supervise internal audit work provided by third-party providers as required.Responsible for performing assigned departmental administrative responsibilities and driving completion of selected departmental goals, such as: staff recruiting; preparation of Audit Committee Materials; Data analytics, trend reports, etc.QualificationsRequirementsHybrid Model - will work both in office and remotely. Minimum 6 years of diversified (i.e., audit & consulting) experience in an internal audit or IT risk advisory practice, with some 'Big 4'experience preferred. Work experience should indicate progressively more responsibility.CISA, CISSP, CIA, other Information/ Cybersecurity credentials preferredDemonstrated willingness to roll up sleeves to and do the work, while helping out the rest of the team.Solid understanding of COBIT, Security Frameworks (i.e. NIST), GRC tools and ISACA, IIA StandardsWorking knowledge of major business (Oracle, Workday etc.), Infrastructure (Cloud, SaaS, etc.), and Information/Cybersecurity tools strongly preferred. Ability to manage projects and supervise less experienced professional staff. Excellent written and verbal communication skills. Excellent organizational and project management skills. Self-motivated, able to work in a team and independently. Ability to interact with employees at all levels of the organization. Bachelor's degree in business, information systems, or other relevant field.Professional certifications preferred - CISA, CISM, CISSP, CRISC, CIA.MBA / advanced degree considered a plus.Life Sciences industry experience considered to be a plus.Education: Bachelors degree in business, information systems, or other relevant field is highly preferred.Additional InformationAll your information will be kept confidential according to EEO guidelines.PDN-97508910-f5f9-40c7-af2a-25a38743d28e