Senior IT Auditor

Regeneron
Sleepy Hollow, United States of America
14 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 153K

Job location

Sleepy Hollow, United States of America

Tech stack

Microsoft Access
Artificial Intelligence
Amazon Web Services (AWS)
Azure
Software as a Service
Cloud Computing
Control Objectives for Information and Related Technology (COBIT)
Computer Security
Identity and Access Management
Information Technology Audit
Information Technology Operations
Systems Development Life Cycle
Software Vulnerability Management
Data Logging
Data Lake
Data Analytics
Data Management
Dataiku
GXP
Alteryx

Job description

The Senior IT Auditor is responsible for contributing towards planning, executing, and reporting on operational IT audits, evaluating risks and controls, including application, infrastructure, cloud, data management, SDLC, change management, and IT operations, in accordance with IIA standards and department methodologies. Perform IT SOX control walkthroughs and testing, along with preparing the related documentation. Assess the effectiveness of cybersecurity controls, including identity and access management, vulnerability management, logging and monitoring, incident response, and security governance.

In this role, a typical day might include the following:

  • Review controls related to cloud computing (e.g., AWS, Azure), SaaS platforms, data lakes, and analytics environments, including shared responsibility models.

  • Design and execute data analyticsdriven audit procedures using tools such as Dataiku or equivalent, to identify anomalies, trends, and control gaps.

  • Apply automation, continuous auditing techniques, and responsible use of AI, where appropriate, to improve audit efficiency, coverage, and insight, including assessing AIenabled business processes and controls.

  • Manage timely completion of audit tasks, including communication of status to the auditee and the Manager/Director.

  • Identify, document, and communicate control deficiencies, root causes, technology risks, and opportunities for improvement, providing practical, actionable recommendations aligned with business objectives.

  • Present the results of audit work to Internal Audit Management and auditees, including practical recommendations to address identified risks and/or weaknesses in internal controls as well as opportunities to enhance operational efficiencies.

  • Prepare clear, concise, and professional audit reports and executivelevel presentations for Internal Audit leadership, management, and key stakeholders.

Requirements

  • Advanced knowledge of IT infrastructure, applications, cybersecurity, and automated controls

  • Strong understanding of SOX, COSO, COBIT, NIST, GxP, GDPR, and other relevant regulatory and governance frameworks.

  • Strong analytical, criticalthinking, and problemsolving skills, with the ability to independently assess risk and propose solutions.

  • Comfortable working and learning independently and as part of a team

  • Excellent interpersonal, communication and writing skills, strong organizational abilities, and attention to detail are required

  • Experience with data analytical tools (e.g. Dataiku, Alteryx, etc.)

  • Understanding of AI concepts, associated risks (e.g., model governance, data quality, access, ethical use), and internal controls relevant to AIenabled processes.

To be considered for this role, you must have a Bachelor's degree with a minimum of 3 - 4 years of progressive experience in IT audit, information security, or technology risk. CISA, CISM and/or CISSP certifications/license preferred. Experience auditing and evaluating infrastructure, cybersecurity risks/controls and auditing operating systems. Pharmaceutical, life sciences, or other regulated industry experience strongly preferred. Big 4 or public accounting experience preferred but not required.

Benefits & conditions

Where necessary, we disclose salary ranges for roles in all countries in which we operate. The final offer will be determined within the relevant range based on the country of employment, specific role level, and your skills and experience. In some countries, collective bargaining agreements (CBAs) may apply and influence certain elements of pay or benefits. Regeneron offers a competitive and comprehensive total rewards package which may include, depending on country and role: annual bonuses or other incentive plans, equity awards, pension or retirement benefits, 401(k) company match, health and wellness programs, fitness centers, insurance benefits (e.g. medical, dental, vision, life and disability), paid time off, and family support benefits. For additional information about Regeneron benefits in the U.S., please visit https://careers.regeneron.com/en/working-at-regeneron/total-rewards/. For other locations, additional information will be provided during the recruitment process. If you have any questions, please speak with your recruiter.

Please be advised that at Regeneron, we believe we do our best work when we are together. For that reason, many roles are required to be performed onsite. Please speak with your recruiter and hiring manager for more information about onsite expectations for your role and location.

As part of the recruitment process, certain background checks may be conducted in accordance with the laws of the country where the position is based. The purpose of such checks is to verify certain information prior to the commencement of employment such as identity, right to work and educational qualifications.

For jobs in Canada: this posting is for an existing position.

Salary Range (annually) $93,900.00 - $153,300.00

About the company

Regeneron is a leading biotechnology company that invents, develops, and commercializes life-transforming medicines for people with serious diseases. Founded and led by physician-scientists, our unique ability to repeatedly and consistently translate science into medicine has led to numerous approved treatments and product candidates in development, most of which were homegrown in our laboratories. Our medicines and pipeline are designed to help patients with eye diseases, allergic and inflammatory diseases, cancer, cardiovascular and metabolic diseases, neurological diseases, hematologic conditions, infectious diseases, and rare diseases.

Apply for this position