Lincolnshire, IL, 60069, USA
39 days ago
Information Security Auditor, Senior
Remote Work: Hybrid Overview: At Zebra, we are a community of innovators who come together to create new ways of working to make everyday life better. United by curiosity and care, we develop dynamic solutions that anticipate our customer’s and partner’s needs and solve their challenges. Being a part of Zebra Nation means being seen, heard, valued, and respected. Drawing from our diverse perspectives, we collaborate to deliver on our purpose. Here you are a part of a team pushing boundaries to redefine the work of tomorrow for organizations, their employees, and those they serve. You have opportunities to learn and lead at a forward-thinking company, defining your path to a fulfilling career while channeling your skills toward causes that you care about – locally and globally. We’ve only begun reimaging the future – for our people, our customers, and the world. Let’s create tomorrow together. The Senior Information Security Auditor leads in the execution of Information Technology (IT) audits, including those audits facilitated over the IT organization and the IT aspects of the company’s financial, operational, and compliance audit projects. Reporting to the Director, Information Security, the Senior Information Technology Auditor may provide guidance to other parts of the organization. Responsibilities: + Responsible for planning, leading, and executing IT audit projects and the IT portion of integrated audits (other financial, operational, and compliance projects with an IT sub-focus): + Performs upfront Internal Audit project planning, including the definition of audit scope and audit work programs + Leads interviews to understand the business process and application flow and documents the business process in a set of flowcharts or narratives + Evaluates the effectiveness of the design of controls for business processes and executes testing of internal controls, identifying exceptions + Incorporates the use of data analytics where appropriate to improve the audit efficiency and broaden the audited population + Summarizes the audit results in a set of audit workpapers and an audit report and presents results to management + Ensures that Zebra IA methodology is adhered and that workpapers are compliant with the Institute of Internal Auditors' Professional Standards for Internal Auditing + Leads or assists in the execution of SOX compliance pre-auditing of the IT General Controls (ITGCs), including the evaluation of the design of these SOX controls, the completion of ITGC SOX walkthroughs, and testing the effectiveness of ITGC SOX controls. + Assists with efforts to evaluate system access and segregation of duties and evaluates the company’s cyber security strategies and processes. + Participates as an independent resource on new systems development and implementation projects to ensure controls are properly designed and in place. + May provide other team members, as relevant, with appropriate guidance during the course of project work. + Ensures that Management and the audited party are kept up to date with audit status and the potential audit findings during the course of fieldwork. + Takes the lead role on complex projects and works under guidance of a Manager or Director on some projects classified as having very high complexity. + Over time, begins to take on responsibilities at the next level. + Provides constructive feedback and concrete action steps to continually improve performance. + Builds a good rapport and solid business relationships with the Zebra Management Team. + Manage department key performance metrics and actively engage in the continuous improvement of the Internal Audit department + Create reports that highlight areas where process or technology (i.e. IT infrastructure) may be improved + Recommend changes to controls, processes, and procedures to ensure data integrity and security and improve operational efficiency and appropriate suggestions to achieve the improvements + Prepare appropriate documentation (e.g. narratives, flowchart, control matrices, segregation of duties analyses, application controls, audit reports, etc.) in support of all assurance and consulting work performed. Qualifications: Minimum Qualifications: + Bachelor's degree in Accounting Information Systems, Management Information Systems, Computer Science, Accounting, or other related Business degree + 3+ years of experience with a leading public accounting / consulting firm (focused on IT audit, including at least 1 year of ERP controls auditing, consulting and/or implementing) Key Skills and Competencies: + Command over risk and internal controls specific to information technology, including, but not limited to those risks and controls specific to system implementation / change management + Completing tests around financial system controls compliance, IT General Computer Controls (ITGC), and Application Controls + Conduct information security compliance to policy audits (e.g. ISO2700X, NIST, etc.) to evaluate risk, compliance, and control effectiveness, focusing on long-term strategies for a public company + Thorough understanding of audit methodologies and processes (e.g., COSO, COBIT) Preferred Qualifications: + General knowledge of ISO 27000 and / or NIST is a plus. + Experience auditing major ERP systems; Knowledge specific to Oracle ERP is a strong plus. + Demonstrates some understanding of ERP core financial modules, projects, some industry-specific modules and/or bolt-on products, and GRC technology. + Demonstrates some knowledge of security and control (including configuration) for ERP applications and/or technologies. + Demonstrates some knowledge of the design, implementation, and/or assessment of controls, including an understanding of the systems implementation lifecycle, as well as configuring and optimizing business process controls and application security + Demonstrates some understanding of business processes related to core ERP modules, including knowledge of industryspecific modules/products and/or direct experience configuring and implementing an ERP. + Experience with auditing cyber-security and / or product security (IT security for technology products) is a plus. + General knowledge of IIA Standards is a plus. + Proficiency in PC-based computer systems, including Microsoft Office programs and Visio. Knowledge of audit software such as Teammate AM and ACL is a plus. + In addition to the core knowledge and skills noted above, the Senior IT Auditor should have the following areas of knowledge and / or skill: + Basic understanding of core business processes + Proficiency in auditing for potential fraud + Proficiency in data analytics procedures / techniques + Ability to evaluate risk impact and vulnerability + Ability to navigate through moderate levels of ambiguity and drive value-added recommendations + Solid communication skills with a sense of presence with the management team Position Specific Information + Travel Requirements: Travel is estimated at 10-15%, potentially including international travel. Zebra is an equal opportunity/affirmative action employer committed to a diverse and inclusive workplace All qualified candidates will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, national origin, disability and protected veteran status or any other basis prohibited by law. If you are an individual with a disability and need assistance in applying for a position, please contact us at workplace.accommodations@zebra.com. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Know Your Rights: https://www.eeoc.gov/sites/default/files/2022-10/EEOC\_KnowYourRights\_screen\_reader\_10\_20.pdf Conozca sus Derechos: https://www.eeoc.gov/sites/default/files/2022-10/22-088\_EEOC\_KnowYourRightsSp\_10\_20.pdf We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Zebra is a federal contractor and is committed to an alcohol and drug free workplace. As a result, all U.S. based employees are subject to the Drug and Alcohol Free Workplace Policy and Procedure. Zebra Total Rewards includes more than just pay and is structured to meet the needs of our changing global business and evolving talent. We are committed to providing our employees with a benefits program that is comprehensive and competitive – including healthcare, wellness, inclusion networks, and continued learning and development offerings. We offer community service days, in addition to the traditional insurances, compensation, parental leave, employee assistance program and paid time off offerings depending on the country where you work. Salary: USD 82500.00 - USD 123700.00 Yearly Salary offered will vary depending on your location, job-related skills, knowledge, and experience. Additionally, all Zebra roles are eligible for cash incentive programs. For example, sales roles have additional opportunity to earn substantial variable compensation tied to quota achievement. In most other roles, the Zebra annual cash incentive program links Company and individual performance together. Some roles may also be eligible for long-term incentive equity awards. To protect candidates from falling victim to online fraudulent activity involving fake job postings and employment offers, please be aware our recruiters will always connect with you via @zebra.com (https://www.zebra.com/ap/en.html) email accounts. Applications are only accepted through our applicant tracking system and only accept personal identifying information through that system. Our Talent Acquisition team will not ask for you to provide personal identifying information via e-mail or outside of the system. If you are a victim of identity theft contact your local police department.
Confirm your E-mail: Send Email