The position supports assurance activities across our organization applicable to IT risks and general controls relative to Stericycle’s IT applications. These assurance activities generally support business requirements, best practices, and Sarbanes-Oxley compliance, with both a domestic and international focus. Responsibilities Include:
- Support IT audit activities throughout Stericycle’s business units to understand IT risk and evaluate applicable IT controls related to the organization’s IT applications leveraging audit frameworks (e.g. COBIT, ITIL, NIST, etc.)
- Perform IT Infrastructure reviews of Windows, Microsoft SQL Server, Oracle, Unix, and Active Directory.
- Oversees the testing procedures related to all aspects of Stericycle’s IT controls activities.
- Plays an integral role in Stericycle’s Sarbanes-Oxley Section 404 project team, supporting all IT audit work streams, liaison with executive management, IT Compliance, co-source auditors, and external auditors.
- Coaches, guides, and reviews work product of staff-level IT co-source auditors to ensure high quality deliverables.
- Monitors reported issues and deficiencies, including follow up and validation of management actions. Takes corrective action, where necessary.
- Interacts with individuals throughout all levels and functions of the organization, including executive and business unit leaders.
- Involved in the performance of annual risk assessments resulting in an audit plan to be approved by the Vice President of Internal Audit and the Audit Committee.
- Collaborates with Stericycle’s external auditors to accomplish testing objectives.
- Educates management teams about identified risks and assist in the design of controls to mitigate said risks without losing auditing independence.
- Assists with the integration of existing control frameworks into newly acquired businesses.
- Fosters a positive work environment.
- Effectively extracts and analyzes large volumes of data using advanced auditing software to accomplish various audit objectives.
- Education equivalent to bachelor’s degree in Management Information Systems, Computer Science, or related field; demonstrates a working knowledge of COBIT, ITIL, and/or NIST.
- Three to five years of progressive IT audit experience with a CPA firm or within an internal audit Ability to manage moderately complex audit projects; develop corrective action alternatives; prepare comprehensive, clear, concise reports; maintain objectivity and impartiality; and develop strong working relationships throughout all levels of an organization.
- Knowledge of cyber security and business system resiliency.
- An ability to effectively influence others with respect to risks and controls.
- CISA, CISSP, CPA, or CIA, designations a plus.
- Language skills are a strong plus. An ability to write and speak fluent non-English languages, including Spanish, Portuguese, Japanese and/or Korean is viewed strongly.
- Ability to travel up to 20% of the time, including international.
- Strong SAP (S4 HANA) and SAP GRC 12.0 knowledge
- Strong ERP implementation experience
- SOC / SSAE 18 and/or other third-party assessment review experience
- Data analytics experience, including use of Alteryx and similar technologies
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.