IT Audit, Senior Specialist
Merck & Co., Inc
Posted Friday, April 19, 2024
Posting ID: R290536
Rahway, NJ
Share:
Job Description
Position Description:
Our Company's Corporate Audit and Assurance Services' (MCAAS) provides value-added independent and risk based audit, assurance and advisory services.
Position Overview Function and Responsibility
The successful incumbent will need to possess a solid mix of audit and business operations experience in a multitude of different IT environments (i.e., applications, operating system and infrastructure). The primary role of the candidate will be to participate in the execution of IT internal audit engagements to assess the adequacy of internal controls and deliver value add reports. This includes conducting walkthroughs and testing information technology general controls (ITGCs), as well as assessing network security controls, to provide reasonable assurance that adequate application and infrastructure internal controls are both designed and operating effectively. A successful incumbent will be well versed in SAP, cloud infrastructure, access management, network operations and in the System Development Life Cycle (SDLC) and to be able to audit to the relevant requirements.
Under the direction of the Client Audit Director ("CAD") and the Auditor-in-Charge ("AIC"), the Senior Specialist will:
Education Minimum Requirement:
In accordance with Managers' Policy - Job Posting and Employee Placement, all employees subject to this policy are required to have a minimum of twelve (12) months of service in current position prior to applying for open positions.
If you have been offered a separation benefits package, but have not yet reached your separation date and are offered a position within the salary and geographical parameters as set forth in the Summary Plan Description (SPD) of your separation package, then you are no longer eligible for your separation benefits package. To discuss in more detail, please contact your HRBP or Talent Acquisition Advisor.
gwesfin400
#eligableforerp
Employees working in roles that the Company determines require routine collaboration with external stakeholders, such as customer-facing commercial, or research-based roles, will be expected to comply not only with Company policy but also with policies established by such external stakeholders (for example, a requirement to be vaccinated against COVID-19 in order to access a facility or meet with stakeholders). Please understand that, as permitted by applicable law, if you have not been vaccinated against COVID-19 and an essential function of your job is to call on external stakeholders who require vaccination to enter their premises or engage in face-to-face meetings, then your employment may pose an undue burden to business operations, in which case you may not be offered employment, or your employment could be terminated. Please also note that, where permitted by applicable law, the Company reserves the right to require COVID-19 vaccinations for positions, such as in Global Employee Health, where the Company determines in its discretion that the nature of the role presents an increased risk of disease transmission.
Current Employees apply HERE
Current Contingent Workers apply HERE
US and Puerto Rico Residents Only:
Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here if you need an accommodation during the application or hiring process.
We are an Equal Opportunity Employer, committed to fostering an inclusive and diverse workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status, or other applicable legally protected characteristics. For more information about personal rights under the U.S. Equal Opportunity Employment laws, visit:
EEOC Know Your Rights
EEOC GINA Supplement
Pay Transparency Nondiscrimination
We are proud to be a company that embraces the value of bringing diverse, talented, and committed people together. The fastest way to breakthrough innovation is when diverse ideas come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another's thinking and approach problems collectively.
Learn more about your rights, including under California, Colorado and other US State Acts
U.S. Hybrid Work Model
Effective September 5, 2023, employees in office-based positions in the U.S. will be working a Hybrid work consisting of three total days on-site per week, generally Tuesday, Wednesday and either Monday or Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence. This Hybrid work model does not apply to, and daily in-person attendance is required for, field-based positions; facility-based, manufacturing-based, or research-based positions where the work to be performed is located at a Company site; positions covered by a collective-bargaining agreement (unless the agreement provides for hybrid work); or any other position for which the Company has determined the job requirements cannot be reasonably met working remotely. Please note, this Hybrid work model guidance also does not apply to roles that have been designated as remote".
Under New York State, Colorado State, Washington State, and California State law, the Company is required to provide a reasonable estimate of the salary range for this job. Final determinations with respect to salary will take into account a number of factors, which may include, but not be limited to the primary work location and the chosen candidate's relevant skills, experience, and education.
Expected salary range:
$101,100.00 - $159,100.00
Available benefits include bonus eligibility, health care and other insurance benefits (for employee and family), retirement benefits, paid holidays, vacation, and sick days. For Washington State Jobs, a summary of benefits is listed here .
Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.
Employee Status:
Regular
Relocation:
No relocation
VISA Sponsorship:
No
Travel Requirements:
10%
Flexible Work Arrangements:
Hybrid
Shift:
Not Indicated
Valid Driving License:
No
Hazardous Material(s):
n/a
Requisition ID:R290536
Position Description:
Our Company's Corporate Audit and Assurance Services' (MCAAS) provides value-added independent and risk based audit, assurance and advisory services.
Position Overview Function and Responsibility
The successful incumbent will need to possess a solid mix of audit and business operations experience in a multitude of different IT environments (i.e., applications, operating system and infrastructure). The primary role of the candidate will be to participate in the execution of IT internal audit engagements to assess the adequacy of internal controls and deliver value add reports. This includes conducting walkthroughs and testing information technology general controls (ITGCs), as well as assessing network security controls, to provide reasonable assurance that adequate application and infrastructure internal controls are both designed and operating effectively. A successful incumbent will be well versed in SAP, cloud infrastructure, access management, network operations and in the System Development Life Cycle (SDLC) and to be able to audit to the relevant requirements.
Under the direction of the Client Audit Director ("CAD") and the Auditor-in-Charge ("AIC"), the Senior Specialist will:
- Participate in the execution of IT internal audit engagements.
- Support financial or operational, integrated and process audits, both domestic and abroad.
- On occasion, the incumbent will be expected to lead small teams of auditors on audits with limited management supervision in addition to actively performing audit work.
- Under the direction of the AIC, partner with colleagues and clients, support groups, and other organizations to effectively complete all assigned audit work.
- Execute audit programs and work papers (including walkthroughs and sample testing) in line with the established quality standards and timelines.
- Conduct IT policy compliance, system implementation, network security, cybersecurity, third party, and other recurring IT audits.
- Assist in the communication of findings and recommendations to all levels of departmental and operating unit management.
- Maintain the highest standards of professionalism and independence in the execution of duties with the highest level of integrity and quality. Show good judgment in the conduct of work.
Education Minimum Requirement:
- Bachelor's degree in computer science, information systems, business, accounting, finance or a related discipline
- A minimum of three years of IT audit or Risk experience
- Basic understanding of security and control risks in emerging technology environments (e.g. Cybersecurity, Cloud, Mobile Computing, Robotic Process Automation, etc.)
- Understanding of core IT management processes at application and infrastructure level (e.g., Logical Access, Change Management, System Development Lifecycle, Information Security, Network Security, IT Ops etc.)
- Excellent verbal and written communication skills as well as a creative problem-solving mindset paired with an auditor's "show me" skepticism.
- Excellent interpersonal skills, including the ability to interact effectively with client and business process owners as well as colleagues.
- Effective oral and written communication skills.
- Strong time management skills and the ability to work within a team as well as independently.
- Attention to detail and the ability to multi-task are essential to the position.
- Ability to travel both domestically and internationally up to 30% of the time.
- CISA, CISSP, CIA, CPA, CA or CISM
- Big 4 or Regional Accounting Firm Experience.
In accordance with Managers' Policy - Job Posting and Employee Placement, all employees subject to this policy are required to have a minimum of twelve (12) months of service in current position prior to applying for open positions.
If you have been offered a separation benefits package, but have not yet reached your separation date and are offered a position within the salary and geographical parameters as set forth in the Summary Plan Description (SPD) of your separation package, then you are no longer eligible for your separation benefits package. To discuss in more detail, please contact your HRBP or Talent Acquisition Advisor.
gwesfin400
#eligableforerp
Employees working in roles that the Company determines require routine collaboration with external stakeholders, such as customer-facing commercial, or research-based roles, will be expected to comply not only with Company policy but also with policies established by such external stakeholders (for example, a requirement to be vaccinated against COVID-19 in order to access a facility or meet with stakeholders). Please understand that, as permitted by applicable law, if you have not been vaccinated against COVID-19 and an essential function of your job is to call on external stakeholders who require vaccination to enter their premises or engage in face-to-face meetings, then your employment may pose an undue burden to business operations, in which case you may not be offered employment, or your employment could be terminated. Please also note that, where permitted by applicable law, the Company reserves the right to require COVID-19 vaccinations for positions, such as in Global Employee Health, where the Company determines in its discretion that the nature of the role presents an increased risk of disease transmission.
Current Employees apply HERE
Current Contingent Workers apply HERE
US and Puerto Rico Residents Only:
Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here if you need an accommodation during the application or hiring process.
We are an Equal Opportunity Employer, committed to fostering an inclusive and diverse workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status, or other applicable legally protected characteristics. For more information about personal rights under the U.S. Equal Opportunity Employment laws, visit:
EEOC Know Your Rights
EEOC GINA Supplement
Pay Transparency Nondiscrimination
We are proud to be a company that embraces the value of bringing diverse, talented, and committed people together. The fastest way to breakthrough innovation is when diverse ideas come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another's thinking and approach problems collectively.
Learn more about your rights, including under California, Colorado and other US State Acts
U.S. Hybrid Work Model
Effective September 5, 2023, employees in office-based positions in the U.S. will be working a Hybrid work consisting of three total days on-site per week, generally Tuesday, Wednesday and either Monday or Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence. This Hybrid work model does not apply to, and daily in-person attendance is required for, field-based positions; facility-based, manufacturing-based, or research-based positions where the work to be performed is located at a Company site; positions covered by a collective-bargaining agreement (unless the agreement provides for hybrid work); or any other position for which the Company has determined the job requirements cannot be reasonably met working remotely. Please note, this Hybrid work model guidance also does not apply to roles that have been designated as remote".
Under New York State, Colorado State, Washington State, and California State law, the Company is required to provide a reasonable estimate of the salary range for this job. Final determinations with respect to salary will take into account a number of factors, which may include, but not be limited to the primary work location and the chosen candidate's relevant skills, experience, and education.
Expected salary range:
$101,100.00 - $159,100.00
Available benefits include bonus eligibility, health care and other insurance benefits (for employee and family), retirement benefits, paid holidays, vacation, and sick days. For Washington State Jobs, a summary of benefits is listed here .
Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.
Employee Status:
Regular
Relocation:
No relocation
VISA Sponsorship:
No
Travel Requirements:
10%
Flexible Work Arrangements:
Hybrid
Shift:
Not Indicated
Valid Driving License:
No
Hazardous Material(s):
n/a
Requisition ID:R290536
Contact Information
Email: at-jobfeeds+merckcoinc@careercircle.com
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
On-Site