Corporate Audit IT Senior Specialist
- Jersey City, NJ
Our Finance team brings together our financial perspectives into our overall strategic and tactical decision making. We use state-of-the-art techniques for financial analysis, planning, accounting, reporting and performance evaluation. This allows the organization to continue advancing medical innovation and improve lives.
Position Overview / Function and Responsibility
The successful incumbents will need to possess a solid mix of audit and business operations experience in a multitude of different IT environments (i.e., applications, operating systems and infrastructure). The primary role of the candidate will be to participate in the execution of IT internal audit engagements to assess the adequacy of internal controls and deliver value add reports. This includes performing walkthroughs and testing information technology general controls (ITGCs) to provide reasonable assurance that adequate application and infrastructure internal controls are both designed and operating effectively. A successful incumbent will be well versed in SOX controls, SAP and in the System Development Life Cycle (SDLC) and to be able to audit to the relevant requirements.
Under the direction of the Audit Director and the Auditor-in-Charge ("AIC"), the Senior Specialist will:
- Participate in the execution of IT internal audit engagements.
- Support financial or operational, integrated and process audits, both domestic and abroad.
- On occasion, the incumbent will be expected to lead small teams of auditors on audits with limited management supervision in addition to actively performing audit work.
- Under the direction of the AIC, partner with colleagues and clients, support groups, and other organizations to effectively complete all assigned audit work.
- Execute audit programs and work papers (including walkthroughs and sample testing) in line with the established quality standards and timelines.
- Collaborate with the audit team in the writing of audit summaries of issues and reports which accurately describe identified control concerns, associated risks, and appropriate recommendations
- Maintain the highest standards of professionalism and independence in the execution of duties with the highest level of integrity and quality. Show good judgment in the conduct of work.
- Bachelor's degree in computer science, information systems, business, accounting, finance or a related discipline
Required Experience and Skills:
- A minimum of three years of IT auditing experience
- Experience in Sarbanes-Oxley documentation, test development and test execution; working knowledge of ITGCs as they relate to Sarbanes-Oxley (S404) including SOC reports (SSAE18).
- Understanding of core IT management processes at application and infrastructure level (e.g., Logical Access, Change Management, System Development Lifecycle, Information Security, IT Ops etc.)
- Basic understanding of security and control risks in emerging technology environments (e.g. Cybersecurity, Cloud, Mobile Computing, Robotic Process Automation, etc.)
- Good understanding of SAP business processes (i.e., OTC, FBM), controls (automated, manual, security) and elements of underlying configurations.
- Excellent verbal and written communication skills as well as a creative problem-solving mindset paired with an auditor's "show me" skepticism
- Excellent interpersonal skills, including the ability to interact effectively with client and business process owners as well as colleagues.
- Effective oral and written communication skills.
- Strong time management skills and the ability to work within a team as well as independently.
- Attention to detail and the ability to multi-task are essential to the position.
- Ability to travel both domestically and internationally up to 30% of the time.
- CISA, CISSP, CIA, CPA, CA or CISM
- Big 4 or Regional Auditing/Accounting Firm Experience.
Our Support Functions deliver services and makes recommendations about ways to enhance our workplace and the experience of working at our organization. Our Support Functions include HR, Finance, Information Technology, Legal, Procurement, Administration, Facilities and Security.
US and Puerto Rico Residents Only:
If you need an accommodation for the application process please email us at firstname.lastname@example.org
For more information about personal rights under Equal Employment Opportunity, visit:
EEOC GINA Supplement
OFCCP EEO Supplement
OFCCP Pay Transparency Rule
We are an equal opportunity employer, Minority/Female/Disability/Veteran - proudly embracing diversity in all of its manifestations.
Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Kenilworth, NJ, USA, also known as Merck Sharp & Dohme Corp., Kenilworth, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.
Flexible Work Arrangements:
Valid Driving License:
Number of Openings:
Back to top