Johnson & Johnson Global Audit & Assurance (GAA) organization is seeking a Lead Information Technology (IT) Auditor! The primary location for this role is New Brunswick, New Jersey. Under our flexible work arrangement, we offer a hybrid work environment; 3 days in office/2 days remote.
Caring for the world, one person at a time, has inspired and united the people of Johnson & Johnson for over 125 years. We embrace research and science -- bringing innovative ideas, products, and services to advance the health and well-being of people. Employees of the Johnson & Johnson Family of Companies work with partners in health care to touch the lives of over a billion people worldwide.
With $93.8 billion in 2021 sales, Johnson & Johnson is the world's most comprehensive and broadly based manufacturer of health care products and a provider of related services for the consumer, pharmaceutical, medical devices, and diagnostics markets! There are more than 265 Johnson & Johnson operating companies employing approximately 126,500 people and with products touching the lives of over a billion people worldwide. So if you have the talent and desire to touch the world, Johnson & Johnson has the career opportunities to help make it happen!
Global Audit & Assurance’s primary mission is to provide independent, objective assurance and advisory services to assist management in maintaining compliance with government and industry regulations, mitigating risk, and achieving operational excellence. To this end, the Lead IT Auditor conducts Risk Based Reviews of information resources across the Johnson & Johnson Family of Companies to evaluate internal controls' adequacy and develop recommendations for improvement. Information resources include business-critical applications such as SAP, JD Edwards, and BPCS, as well as the related technology infrastructure, data, facilities, organizations, privacy, cybersecurity, and business processes.
- Lead a team of auditors during audit engagements providing guidance, delegation, and feedback
- Influence without authority, both internal to GAA, and external partners (e.g., IT, Business/Process Owners)
- Effectively lead Third Party co-source relationships for audit engagements
- Auditing of sophisticated IT environments serving as the Team Coordinator on audit engagements
- Performing the following audit activity with limited supervision from IT Audit Managers
- Capturing and analyzing information to identify key risks and corresponding controls
- Systematically testing and evaluating controls to verify efficiency and effectiveness of operation, reliability of data, and compliance with applicable laws and regulations
- Recommending control improvements
- Communicating findings and recommendations to management
- Documenting audit work using automated audit management tools
- Performs root cause analysis and articulates control deficiencies and remediation techniques both internally and with senior management
- Tracking, Monitoring, and following up on the status of corrective actions until closure
- Lead and perform ongoing risk assessments of capabilities throughout the enterprise, including but not limited to IT control design and processes
- Independently assess the design and operating efficiency of internal controls over financial reporting
- Coordinates & performs ongoing control testing consistent with the J&J SOX 404 program guidelines
- Coordinate and manage interactions with multi-functional and cross-geographical teams both internally and externally, as necessary
- As part of the audit process, the Lead IT Auditor identifies internal control best practices and promotes their adoption across the enterprise
- In addition, Lead IT Auditors to provide training to other department and affiliate organizations members and may lead Internal Audit improvement projects using appropriate methodologies.
- A Bachelor's degree (BA/BS) is required.
- 4+ years of information technology, audit, or assurance and advisory experience, preferably with a Big 4 or leading risk advisory/ public accounting firm. Must have knowledge of Master Data, system configuration, and process controls.
- Experience with the design, development, and implementation of internal controls for large ERP systems preferred.
- Analytical skills; specifically, the ability to assess and decompose processes utilizing a risk and control focus
- Good understanding of IT & Information Security Management Frameworks and standards such as ISO, SANS, COBIT, ITIL, CSA, and regulations such as SOX, PCI Compliance, and HIPAA with demonstrated proficiency in one or more of the following areas is required: ERP systems (SAP, JD Edwards), information security, program/project management, and/or infrastructure services (operating systems, databases, network).
- Experience with Cyber Security risk and control is preferred
- Experience with SAP HANA is preferred
- High level of self-confidence, strong people and management skills and proven leadership ability, strong influencing skills
- Experience interacting with all levels of management is required.
- Exposure or understanding of control concepts and processes with practical experience in regulatory compliance, internal audits, risk management, process improvement preferred
- Professional security, audit, or control-related certification, such as CISSP, CISA, CRISC, or CIA, is strongly preferred.
- Excellent presentation and written communication skills
- English fluency (written and verbal) is required; fluency in multiple languages is a plus.
- Must have the ability to work in a highly collaborative, team-oriented environment
- Willingness to travel domestically and internationally is required (up to 40%)
At Johnson & Johnson, we’re on a mission to change the trajectory of health for humanity. That starts by creating the world’s healthiest workforce. Through cutting-edge programs and policies, we empower the physical, mental, emotional and financial health of our employees and the ones they love. As such, depending on location and subject to local legislation, candidates offered employment may be required to show proof of COVID-19 vaccination or, in certain countries, secure an approved accommodation prior to the commencement of employment to support the well-being of our employees, their families and the communities in which we live and work. If you are invited to interview for the position, your recruiter will advise on the vaccine requirement status in your geographic location.
Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
For more information on how we support the whole health of our employees throughout their wellness, career and life journey, please visit www.careers.jnj.com .
The anticipated base pay range for this position is $88,000 to $142,600.
The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation’s performance over a calendar/ performance year. Bonuses are awarded at the Company’s discretion on an individual basis.
Employees may be eligible to participate in Company employee benefit programs such as health insurance, savings plan, pension plan, disability plan, vacation pay, sick time, holiday pay, and work, personal and family time off in accordance with the terms of the applicable plans. Additional information can be found through the link below.
For additional general information on company benefits, please go to: - https://www.careers.jnj.com/employee-benefits