Senior IT Auditor
Role details
Job location
Tech stack
Job description
The Senior IT Auditor is responsible for contributing towards planning, executing, and reporting on operational IT audits, evaluating risks and controls, including application, infrastructure, cloud, data management, SDLC, change management, and IT operations, in accordance with IIA standards and department methodologies. Perform IT SOX control walkthroughs and testing, along with preparing the related documentation. Assess the effectiveness of cybersecurity controls, including identity and access management, vulnerability management, logging and monitoring, incident response, and security governance.
In this role, a typical day might include the following:
-
Review controls related to cloud computing (e.g., AWS, Azure), SaaS platforms, data lakes, and analytics environments, including shared responsibility models.
-
Design and execute data analyticsdriven audit procedures using tools such as Dataiku or equivalent, to identify anomalies, trends, and control gaps.
-
Apply automation, continuous auditing techniques, and responsible use of AI, where appropriate, to improve audit efficiency, coverage, and insight, including assessing AIenabled business processes and controls.
-
Manage timely completion of audit tasks, including communication of status to the auditee and the Manager/Director.
-
Identify, document, and communicate control deficiencies, root causes, technology risks, and opportunities for improvement, providing practical, actionable recommendations aligned with business objectives.
-
Present the results of audit work to Internal Audit Management and auditees, including practical recommendations to address identified risks and/or weaknesses in internal controls as well as opportunities to enhance operational efficiencies.
-
Prepare clear, concise, and professional audit reports and executivelevel presentations for Internal Audit leadership, management, and key stakeholders.
Requirements
-
Advanced knowledge of IT infrastructure, applications, cybersecurity, and automated controls
-
Strong understanding of SOX, COSO, COBIT, NIST, GxP, GDPR, and other relevant regulatory and governance frameworks.
-
Strong analytical, criticalthinking, and problemsolving skills, with the ability to independently assess risk and propose solutions.
-
Comfortable working and learning independently and as part of a team
-
Excellent interpersonal, communication and writing skills, strong organizational abilities, and attention to detail are required
-
Experience with data analytical tools (e.g. Dataiku, Alteryx, etc.)
-
Understanding of AI concepts, associated risks (e.g., model governance, data quality, access, ethical use), and internal controls relevant to AIenabled processes.
To be considered for this role, you must have a minimum of 3 - 4 years of progressive experience in IT audit, information security, or technology risk. Experience auditing and evaluating infrastructure, cybersecurity risks/controls and auditing operating systems. Pharmaceutical, life sciences, or other regulated industry experience strongly preferred. Big 4 or public accounting experience preferred but not required.
Benefits & conditions
Does this sound like you? Apply now to take your first step towards living the Regeneron Way! We have an inclusive culture that provides comprehensive benefits, which vary by location. In the U.S., benefits may include health and wellness programs (including medical, dental, vision, life, and disability insurance), fitness centers, 401(k) company match, family support benefits, equity awards, annual bonuses, paid time off, and paid leaves (e.g., military and parental leave) for eligible employees at all levels! For additional information about Regeneron benefits in the US, please visit https://careers.regeneron.com/en/working-at-regeneron/total-rewards/. For other countries specific benefits, please speak to your recruiter.
