Johnson & Johnson
Lead Technology Auditor
Johnson & Johnson, New Brunswick, New Jersey, us, 08933
Johnson & Johnson Global Audit & Assurance (GAA) organization is seeking a Lead Technology Auditor to be located in New Brunswick, NJ.
At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at https://www.jnj.com/.
For more than 130 years, diversity, equity & inclusion (DEI) has been a part of our cultural fabric at Johnson & Johnson and woven into how we do business every day. Rooted in Our Credo, the values of DEI fuel our pursuit to create a healthier, more equitable world. Our diverse workforce and culture of belonging accelerate innovation to solve the world’s most pressing healthcare challenges.
We know that the success of our business – and our ability to deliver meaningful solutions – depends on how well we understand and meet the diverse needs of the communities we serve. Which is why we foster a culture of inclusion and belonging where all perspectives, abilities and experiences are valued and our people can reach their potential. At Johnson & Johnson, we all belong.
Global Audit & Assurance’s primary mission is to provide independent, objective assurance and advisory services to assist management in maintaining compliance with government and industry regulations, mitigating risk, and achieving operational excellence. To this end, the Lead Technology Auditor conducts Risk Based Reviews of information resources across the Johnson & Johnson Family of Companies to evaluate internal controls' adequacy and develop recommendations for improvement. Information resources include business-critical applications such as SAP, JD Edwards, and BPCS, as well as the related technology infrastructure, data, facilities, organizations, privacy, cybersecurity, and business processes.
Responsibilities:
Lead a team of auditors during audit engagements providing guidance, delegation, and feedback
Provide leadership and coaching to a subordinate staff of Technology audit professionals and Global Audit & Assurance team members
Influence without authority, both internal to GAA, and external partners (e.g., IT, Business/Process Owners)
Effectively lead Third Party co-source relationships for audit engagements
Auditing of sophisticated IT environments serving as the Team Coordinator on audit engagements
Performing the following audit activity with limited supervision from IT Audit Managers
Capturing and analyzing info rmation to identify key risks and corresponding controls
Systematically testing and evaluating controls to verify efficiency and effectiveness of operation, reliability of data, and compliance with applicable laws and regulations
Recommending control improvements
Communicating findings and recommendations to management
Documenting audit work using automated audit management tools
Performs root cause analysis and articulates control deficiencies and remediation techniques both internally and with senior management
Tracking, Monitoring, and following up on the status of corrective actions until closure
Lead and perform ongoing risk assessments of capabilities throughout the enterprise, including but not limited to IT control design and processes
Independently assess the design and operating efficiency of internal controls over financial reporting
Coordinates & performs ongoing control testing consistent with the J&J SOX 404 program guidelines
Coordinate and manage interactions with multi-functional and cross-geographical teams both internally and externally, as necessary
As part of the audit process, the Lead IT Auditor identifies internal control best practices and promotes their adoption across the enterprise
In addition, Lead IT Auditors to provide training to other department and affiliate organizations members and may lead Internal Audit improvement projects using appropriate methodologies.
Qualifications
A Bachelor's degree (BA/BS) is required.
A minimum of 4 years of information technology, audit, or assurance and advisory experience is required, preferably with a Big 4 or leading risk advisory/ public accounting firm. Must have knowledge of Master Data, system configuration, and process controls.
Experience with the design, development, and implementation of internal controls for large ERP systems preferred.
Analytical skills; specifically, the ability to assess and decompose processes utilizing a risk and control focus
Good understanding of IT & Information Security Management Frameworks and standards such as ISO, SANS, COBIT, ITIL, CSA, and regulations such as SOX, PCI Compliance, and HIPAA with demonstrated proficiency in one or more of the following areas is required: ERP systems (SAP, JD Edwards), information security, program/project management, and/or infrastructure services (operating systems, databases, network).
Experience with Cyber Security risk and control is preferred
Experience with SAP HANA is preferred High level of self-confidence, strong people and management skills and proven leadership ability, strong influencing skills
Experience interacting with all levels of management is required.
Exposure or understanding of control concepts and processes with practical experience in regulatory compliance, internal audits, risk management, process improvement preferred
Professional security, audit, or control-related certification, such as CISSP, CISA, CRISC, or CIA, is strongly preferred.
Excellent presentation and written communication skills
English fluency (written and verbal) is required; fluency in multiple languages is a plus.
Must have the ability to work in a highly collaborative, team-oriented environment
Willingness to travel domestically and internationally is required (up to 40%)
#J-18808-Ljbffr
At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at https://www.jnj.com/.
For more than 130 years, diversity, equity & inclusion (DEI) has been a part of our cultural fabric at Johnson & Johnson and woven into how we do business every day. Rooted in Our Credo, the values of DEI fuel our pursuit to create a healthier, more equitable world. Our diverse workforce and culture of belonging accelerate innovation to solve the world’s most pressing healthcare challenges.
We know that the success of our business – and our ability to deliver meaningful solutions – depends on how well we understand and meet the diverse needs of the communities we serve. Which is why we foster a culture of inclusion and belonging where all perspectives, abilities and experiences are valued and our people can reach their potential. At Johnson & Johnson, we all belong.
Global Audit & Assurance’s primary mission is to provide independent, objective assurance and advisory services to assist management in maintaining compliance with government and industry regulations, mitigating risk, and achieving operational excellence. To this end, the Lead Technology Auditor conducts Risk Based Reviews of information resources across the Johnson & Johnson Family of Companies to evaluate internal controls' adequacy and develop recommendations for improvement. Information resources include business-critical applications such as SAP, JD Edwards, and BPCS, as well as the related technology infrastructure, data, facilities, organizations, privacy, cybersecurity, and business processes.
Responsibilities:
Lead a team of auditors during audit engagements providing guidance, delegation, and feedback
Provide leadership and coaching to a subordinate staff of Technology audit professionals and Global Audit & Assurance team members
Influence without authority, both internal to GAA, and external partners (e.g., IT, Business/Process Owners)
Effectively lead Third Party co-source relationships for audit engagements
Auditing of sophisticated IT environments serving as the Team Coordinator on audit engagements
Performing the following audit activity with limited supervision from IT Audit Managers
Capturing and analyzing info rmation to identify key risks and corresponding controls
Systematically testing and evaluating controls to verify efficiency and effectiveness of operation, reliability of data, and compliance with applicable laws and regulations
Recommending control improvements
Communicating findings and recommendations to management
Documenting audit work using automated audit management tools
Performs root cause analysis and articulates control deficiencies and remediation techniques both internally and with senior management
Tracking, Monitoring, and following up on the status of corrective actions until closure
Lead and perform ongoing risk assessments of capabilities throughout the enterprise, including but not limited to IT control design and processes
Independently assess the design and operating efficiency of internal controls over financial reporting
Coordinates & performs ongoing control testing consistent with the J&J SOX 404 program guidelines
Coordinate and manage interactions with multi-functional and cross-geographical teams both internally and externally, as necessary
As part of the audit process, the Lead IT Auditor identifies internal control best practices and promotes their adoption across the enterprise
In addition, Lead IT Auditors to provide training to other department and affiliate organizations members and may lead Internal Audit improvement projects using appropriate methodologies.
Qualifications
A Bachelor's degree (BA/BS) is required.
A minimum of 4 years of information technology, audit, or assurance and advisory experience is required, preferably with a Big 4 or leading risk advisory/ public accounting firm. Must have knowledge of Master Data, system configuration, and process controls.
Experience with the design, development, and implementation of internal controls for large ERP systems preferred.
Analytical skills; specifically, the ability to assess and decompose processes utilizing a risk and control focus
Good understanding of IT & Information Security Management Frameworks and standards such as ISO, SANS, COBIT, ITIL, CSA, and regulations such as SOX, PCI Compliance, and HIPAA with demonstrated proficiency in one or more of the following areas is required: ERP systems (SAP, JD Edwards), information security, program/project management, and/or infrastructure services (operating systems, databases, network).
Experience with Cyber Security risk and control is preferred
Experience with SAP HANA is preferred High level of self-confidence, strong people and management skills and proven leadership ability, strong influencing skills
Experience interacting with all levels of management is required.
Exposure or understanding of control concepts and processes with practical experience in regulatory compliance, internal audits, risk management, process improvement preferred
Professional security, audit, or control-related certification, such as CISSP, CISA, CRISC, or CIA, is strongly preferred.
Excellent presentation and written communication skills
English fluency (written and verbal) is required; fluency in multiple languages is a plus.
Must have the ability to work in a highly collaborative, team-oriented environment
Willingness to travel domestically and internationally is required (up to 40%)
#J-18808-Ljbffr