Apply for this job now

Global IT Audit Manager

Location
Deerfield, Illinois
Job Type
Permanent
Posted
19 Sep 2022

This is where you save and sustain lives

At Baxter, we are deeply connected by our mission. No matter your role at Baxter, your work makes a positive impact on people around the world. You'll feel a sense of purpose throughout the organization, as we know our work improves outcomes for millions of patients.

Baxter's products and therapies are found in almost every hospital worldwide, in clinics and in the home. For over 85 years, we have pioneered significant medical innovations that transform healthcare.

Together, we create a place where we are happy, successful and inspire each other. This is where you can do your best work.

Join us at the intersection of saving and sustaining lives- where your purpose accelerates our mission.

Your Role at Baxter

This is where your insights influence change.

Baxter Global Audit is in the midst of a significant transformation, and we are looking to hire someone who can be part of this exciting journey. A key dimension of this role will be leading a multi-disciplinary team through complex technical and operational assessments to objectively identify and evaluate risks that may adversely impact the security posture or operations of the business.

There will be staff and senior IT audit consultants reporting to this role. To accomplish this role, the IT Audit manager will:

  • Collaborate with global audit peers and partners to implement and maintain an industry leading standard audit methodology focused on automated control testing and technical understanding of Baxter's portfolio of risks across IT, privacy and connected device platforms
  • Tailor audit plans to fit the industry risk and compliance profile of the target auditable entity and conduct core technical and integrated audits
  • Maintain an adaptive, yet agile approach based on the in-scope entity's technical architecture and use of specific technology platforms or configurations.
  • Ability to apply data analytics across IT environment for advanced audit planning and continuous audit concepts
  • Manage a global team consisting of staff and senior IT auditors, including coordination and collaboration with finance audit teams
  • As requested, support 2nd line IT support for compliance and controls through and help perform support across IT SOX program

What You'll Be Doing:

Annual audit plan and Stakeholder Engagement
  • Assist in facilitating and managing risk based Annual audit plan based on Global Audit methodology
  • Assist audit management towards developing business partnership with Senior IT, Privacy, Device Security and other key leadership and stakeholders in order to facilitate discussions for risk assessments and audit planning
  • Participate and lead in cross functional IT, Security, Privacy, Product Device discussions and stakeholder management
  • Provide inputs to the IT Audit director on the plan each quarter to ensure adequacy of coverage and incorporate emerging risk areas as part of quarterly rolling audit plan

Execution of audit plan
  • Execute the audits that are assigned and acts as an IT audit manager to work and liaison with stakeholders and IT audit management team and broader senior leadership team
  • Perform advanced audits in the areas of emerging technology risks - device cybersecurity, cloud platforms, IT governance, Agile Software Development Cycle methodologies, Enterprise Cybersecurity, Manufacturing Industrial Control Systems Controls testing
  • Continuously monitor progress / quality of assigned audits
  • Ensure use of IT Audit tools where applicable
  • Ensure documentation quality and compliance to the Corporate Audit methodology
  • Regular tracking to ensure timely completion of Audit engagements and Issue Management

Preparing update for senior management and Audit Committee
  • Provide inputs and assist in preparing quarterly update for Audit Committee on the status of IT audit plan and ad-hoc IT audits, key audit observations, status of audit recommendations etc.

Knowledge management / team development
  • Finds opportunities for improvement to audit methodology, tools, and training.
  • Stays current on relevant business risks (e.g., current events, audit trends, new technologies, cyber security, etc.) and determines where appropriate to apply to engagements.
  • Leverages audit to educate management on complex technical risks, the application of control frameworks, and the quantitative management of risks.
  • Manages and develops direct reports to strengthen leadership capability and audit proficiency
  • Mentors their audit team members in building audit, BU, and cyber knowledge.

What You'll Bring:
  • Bachelor's Degree in Computer Science or in "STEM" Majors
  • 6+ years of professional experience in IT Governance, IT Risk, IT Audit, IT Operations or related fields, preferably with a Fortune 1000 companies or Big 4 assurance organization.
  • CISM, CISA, CISSP, CRISC designation or other relevant certification is required.
  • Experience in digital / digital transformation concepts applicable to enterprise level maturity (Robotics, Machine Learning, Cloud, etc.)
  • Solid experience in the Identity Access Management space, ERP Systems (JDE specifically), Manufacturing Systems/Industrial Controls Systems
  • Experience supporting audits and assessments across cloud technology (AWS, Azure), Software-as-a-Service (Workday, COUPA, etc.)
  • Understanding of regulatory and external requirements as they relate to IT, privacy, and cybersecurity for regulations such as HIPAA, GDPR, and SOX.
  • Experience using some of the industry standards/framework, such as NIST 800-53, NIST 800-171, NIST Privacy Framework, CSA CCM, ISO 27001, ITIL v3, COBIT and FAIR is desirable.
  • Knowledge of IT Operational Functions including IAM, Asset Management, Cybersecurity, Data Privacy.
  • Track record of working alongside business leaders, positioning internal audit as a strategic partner, identifying and helping mitigate risk.
  • Superior business acumen: ability to build positive relationships and trust with company leadership and business process owners.
  • Modern Audit/ Data-Driven Approach - Track record of leveraging technology and using data to drive insights and actions.
  • Strong quantitative and qualitative analysis skills; ability to take large volumes of complex information and present it in a clear and concise manner; uses data and a cogent problem-solving methodology in decision making and impact assessment.

Preferred/Not Required
  • Implementation of large-scale ERP packages, including JDE, SAP, Oracle and other similar systems
  • Understanding of the quality regulations and auditing techniques required for the medical device industry
  • Medical Device / Enterprise Connected Devices Experience from 3rd line defense perspective
  • Outsourced IT SOX strategy and experience

The successful candidate for this job may be required to verify that he or she has been vaccinated against COVID-19, subject to reasonable accommodations for individuals with medical conditions or religious beliefs that prevent vaccination, and in accordance with applicable law.

Equal Employment Opportunity

Baxter is an equal opportunity employer. Baxter evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status or any other legally protected characteristic.

EEO is the Law
EEO is the law - Poster Supplement
Pay Transparency Policy

Reasonable Accommodations

Baxter is committed to working with and providing reasonable accommodations to individuals with disabilities globally. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application or interview process, please click on the link here and let us know the nature of your request along with your contact information.

Recruitment Fraud Notice

Baxter has discovered incidents of employment scams, where fraudulent parties pose as Baxter employees, recruiters, or other agents, and engage with online job seekers in an attempt to steal personal and/or financial information. To learn how you can protect yourself, review our Recruitment Fraud Notice .

072427
Apply for this job now

Details

  • Job Reference: 716292278-2
  • Date Posted: 19 September 2022
  • Recruiter: Baxter
  • Location: Deerfield, Illinois
  • Salary: On Application
  • Sector: Banking & Financial Services
  • Job Type: Permanent