Information Security Auditor, Senior - Zebra Technologies
Lincolnshire, IL
About the Job
Remote Work: Hybrid
Overview:
At Zebra, we are a community of innovators who come together to create new ways of working to make everyday life better. United by curiosity and care, we develop dynamic solutions that anticipate our customer’s and partner’s needs and solve their challenges.
Being a part of Zebra Nation means being seen, heard, valued, and respected. Drawing from our diverse perspectives, we collaborate to deliver on our purpose. Here you are a part of a team pushing boundaries to redefine the work of tomorrow for organizations, their employees, and those they serve.
You have opportunities to learn and lead at a forward-thinking company, defining your path to a fulfilling career while channeling your skills toward causes that you care about – locally and globally. We’ve only begun reimaging the future – for our people, our customers, and the world.
Let’s create tomorrow together.
The Senior Information Security Auditor leads in the execution of Information Technology (IT) audits, including those audits facilitated over the IT organization and the IT aspects of the company’s financial, operational, and compliance audit projects. Reporting to the Director, Information Security, the Senior Information Technology Auditor may provide guidance to other parts of the organization.
Responsibilities:
+ Responsible for planning, leading, and executing IT audit projects and the IT portion of integrated audits (other financial, operational, and compliance projects with an IT sub-focus):
+ Performs upfront Internal Audit project planning, including the definition of audit scope and audit work programs
+ Leads interviews to understand the business process and application flow and documents the business process in a set of flowcharts or narratives
+ Evaluates the effectiveness of the design of controls for business processes and executes testing of internal controls, identifying exceptions
+ Incorporates the use of data analytics where appropriate to improve the audit efficiency and broaden the audited population
+ Summarizes the audit results in a set of audit workpapers and an audit report and presents results to management
+ Ensures that Zebra IA methodology is adhered and that workpapers are compliant with the Institute of Internal Auditors' Professional Standards for Internal Auditing
+ Leads or assists in the execution of SOX compliance pre-auditing of the IT General Controls (ITGCs), including the evaluation of the design of these SOX controls, the completion of ITGC SOX walkthroughs, and testing the effectiveness of ITGC SOX controls.
+ Assists with efforts to evaluate system access and segregation of duties and evaluates the company’s cyber security strategies and processes.
+ Participates as an independent resource on new systems development and implementation projects to ensure controls are properly designed and in place.
+ May provide other team members, as relevant, with appropriate guidance during the course of project work.
+ Ensures that Management and the audited party are kept up to date with audit status and the potential audit findings during the course of fieldwork.
+ Takes the lead role on complex projects and works under guidance of a Manager or Director on some projects classified as having very high complexity.
+ Over time, begins to take on responsibilities at the next level.
+ Provides constructive feedback and concrete action steps to continually improve performance.
+ Builds a good rapport and solid business relationships with the Zebra Management Team.
+ Manage department key performance metrics and actively engage in the continuous improvement of the Internal Audit department
+ Create reports that highlight areas where process or technology (i.e. IT infrastructure) may be improved
+ Recommend changes to controls, processes, and procedures to ensure data integrity and security and improve operational efficiency and appropriate suggestions to achieve the improvements
+ Prepare appropriate documentation (e.g. narratives, flowchart, control matrices, segregation of duties analyses, application controls, audit reports, etc.) in support of all assurance and consulting work performed.
Qualifications:
Minimum Qualifications:
+ Bachelor's degree in Accounting Information Systems,
Management Information Systems, Computer Science,
Accounting, or other related Business degree
+ 3+ years of experience with a leading public accounting /
consulting firm (focused on IT audit, including at least 1 year
of ERP controls auditing, consulting and/or implementing)
Key Skills and Competencies:
+ Command over risk and internal controls specific to
information technology, including, but not limited to
those risks and controls specific to system
implementation / change management
+ Completing tests around financial system controls compliance, IT General Computer Controls (ITGC), and Application Controls
+ Conduct information security compliance to policy audits (e.g. ISO2700X, NIST, etc.) to evaluate risk, compliance, and control effectiveness, focusing on long-term strategies for a public company
+ Thorough understanding of audit methodologies
and processes (e.g., COSO, COBIT)
Preferred Qualifications:
+ General knowledge of ISO 27000 and / or NIST is a
plus.
+ Experience auditing major ERP systems; Knowledge
specific to Oracle ERP is a strong plus.
+ Demonstrates some understanding of ERP
core financial modules, projects, some
industry-specific modules and/or bolt-on
products, and GRC technology.
+ Demonstrates some knowledge of security
and control (including configuration) for ERP
applications and/or technologies.
+ Demonstrates some knowledge of the
design, implementation, and/or assessment
of controls, including an understanding of
the systems implementation lifecycle, as
well as configuring and optimizing business
process controls and application security
+ Demonstrates some understanding of
business processes related to core ERP
modules, including knowledge of industryspecific modules/products and/or direct
experience configuring and implementing an
ERP.
+ Experience with auditing cyber-security and / or
product security (IT security for technology
products) is a plus.
+ General knowledge of IIA Standards is a plus.
+ Proficiency in PC-based computer systems, including
Microsoft Office programs and Visio. Knowledge of
audit software such as Teammate AM and ACL is a
plus.
+ In addition to the core knowledge and skills noted
above, the Senior IT Auditor should have the
following areas of knowledge and / or skill:
+ Basic understanding of core business
processes
+ Proficiency in auditing for potential fraud
+ Proficiency in data analytics procedures /
techniques
+ Ability to evaluate risk impact and
vulnerability
+ Ability to navigate through moderate levels
of ambiguity and drive value-added
recommendations
+ Solid communication skills with a sense of
presence with the management team
Position Specific Information
+ Travel Requirements: Travel is estimated at 10-15%, potentially including
international travel.
Zebra is an equal opportunity/affirmative action employer committed to a diverse and inclusive workplace All qualified candidates will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, national origin, disability and protected veteran status or any other basis prohibited by law. If you are an individual with a disability and need assistance in applying for a position, please contact us at workplace.accommodations@zebra.com. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment.
Know Your Rights:
https://www.eeoc.gov/sites/default/files/2022-10/EEOC_KnowYourRights_screen_reader_10_20.pdf
Conozca sus Derechos:
https://www.eeoc.gov/sites/default/files/2022-10/22-088_EEOC_KnowYourRightsSp_10_20.pdf
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Zebra is a federal contractor and is committed to an alcohol and drug free workplace. As a result, all U.S. based employees are subject to the Drug and Alcohol Free Workplace Policy and Procedure.
Zebra Total Rewards includes more than just pay and is structured to meet the needs of our changing global business and evolving talent. We are committed to providing our employees with a benefits program that is comprehensive and competitive – including healthcare, wellness, inclusion networks, and continued learning and development offerings. We offer community service days, in addition to the traditional insurances, compensation, parental leave, employee assistance program and paid time off offerings depending on the country where you work.
Salary: USD 82500.00 - USD 123700.00 Yearly
Salary offered will vary depending on your location, job-related skills, knowledge, and experience.
Additionally, all Zebra roles are eligible for cash incentive programs. For example, sales roles have additional opportunity to earn substantial variable compensation tied to quota achievement. In most other roles, the Zebra annual cash incentive program links Company and individual performance together. Some roles may also be eligible for long-term incentive equity awards.
To protect candidates from falling victim to online fraudulent activity involving fake job postings and employment offers, please be aware our recruiters will always connect with you via @zebra.com (https://www.zebra.com/ap/en.html) email accounts. Applications are only accepted through our applicant tracking system and only accept personal identifying information through that system. Our Talent Acquisition team will not ask for you to provide personal identifying information via e-mail or outside of the system. If you are a victim of identity theft contact your local police department.
Source : Zebra Technologies