Dir, Internal Audit - IT at Syneos Health

Description

Director, Internal Audit – IT

The Director, Internal Audit - IT is a pivotal member of the Internal Audit team, with responsibility for front-line management and hands-on execution of key internal audit initiatives. In fulfilling these responsibilities, the Director supports the SVP, Internal Audit in the execution of the Internal Audit charter and performs IT related audit activities at the direction of Executive Director, Internal Audit - IT. Responsible for planning, performing, and executing risk-based IT audit, assurance, and advisory activities and managing large, complex, and highly visible engagements. This role contributes to the Internal Audit IT organization with strategic direction in the establishment of risk-based IT auditing and reporting methodologies, organization design, and effective positioning of the function to ensure provision of independent assurance and consulting services consistent and aligned with company’s business objectives. Works without direct supervision and adept at balancing the dual role of objective assurance provider and consultative business partner who can develop solid working relationships with senior management and stakeholders and lead other Internal Audit team members. The Director will also develop strong partnerships with business leaders to support services provided to other departments, including IT, Finance, Legal, Compliance, and Information Security. In addition, the Director will also establish and maintain a strong collaboration with the company’s external auditor to perform audit activities in an efficient manner. The successful candidate should have a specific background in audit including experience with Sarbanes Oxley Act as well as experience in some aspect of the life sciences and biopharmaceutical industries. Additionally, the candidate should have a demonstrated track record of advancement and possess the ability to provide pragmatic internal control recommendations that add value to the organization. Manages internal staff and external resources from a co-source provider on an as-needed basis.

Syneos Health® is a leading fully integrated biopharmaceutical solutions organization built to accelerate customer success. We translate unique clinical, medical affairs and commercial insights into outcomes to address modern market realities.

Every day we perform better because of how we work together, as one team, each the best at what we do. We bring a wide range of talented experts together across a wide range of business-critical services that support our business. Every role within Corporate is vital to furthering our vision of Shortening the Distance from Lab to Life®.

Discover what our 29,000 employees, across 110 countries already know:

WORK HERE MATTERS EVERYWHERE

Why Syneos Health

• We are passionate about developing our people, through career development and progression; supportive and engaged line management; technical and therapeutic area training; peer recognition and total rewards program.
• We are committed to our Total Self culture – where you can authentically be yourself. Our Total Self culture is what unites us globally, and we are dedicated to taking care of our people.
• We are continuously building the company we all want to work for and our customers want to work with. Why? Because when we bring together diversity of thoughts, backgrounds, cultures, and perspectives – we’re able to create a place where everyone feels like they belong.
  
  

Job Responsibilities

• Assist in preparation of annual IT Risk Assessment as part of the Internal Audit overall annual plan used in defining the scope of IT and operational audits to be performed during the year as well as the annual SOX IT General Controls review.
• Lead audit effort coverage of the key controls supporting distributed technology infrastructure and IT risk and security processes.
• Lead the development and analysis of key metrics to identify trends in technology operations that support Internal Audit efforts.
• Designs, plans, prepares and executes organization-wide IT audit plans and oversees SOX IT control testing (including IT General Controls such as change management, user access/security, and computer operations as well as controls over system generated information).
• Works effectively across all levels of management including coordinating with IA co-source provider and external financial auditors to ensure audit reliance strategy and integrated audit support.
• Partners with all levels of IT management, Internal and External Audit to ensure audits and SOX testing are conducted in a cooperative, timely and efficient manner with value added recommendations being provided to management to strengthen controls where applicable.
• Structures and manages both internal team and external (co-source) resources to maximize effectiveness, impact and efficiency of audit service delivery.
• Routinely summarizes and communicates to the effected control owners and IT management, control weaknesses identified during testing. Shares any insight into operations or suggestions for corrective actions and improvements that drive increased efficiency and mitigate risk.
• Partners with IT teams on optimizing business processes by evaluating the application controls of systems that support the business process under review, and developing computer assisted audit techniques (CAATs) and data analytics to test controls.
• Helps guide remediation efforts to closure and advise on control requirements for new systems or process design.
• Researches and stays current on new technical literature applicable to the internal control process (e.g., PCAOB guidance, SEC, NIST, ISO, GxP, etc.), emerging trends and standard methodologies. Informs management of emerging trends and best practices in IT governance, risk and compliance.
• Performs quality review of work products performed by internal staff and co-source provider to ensure testing work papers meet the requirements consistently across all areas.
• Participates in and advises on initiatives in areas like enterprise risk management, system integrations, cybersecurity, business continuity planning and disaster recovery, physical security, data analytics, and data privacy.
• Other assignments or special projects as requested by management.
• Performs other work-related duties as assigned.
• Discharge responsibilities in a manner that is consistent with The Institute of Internal Auditor’s Code of Ethics, International Standards for the Professional Practice of Internal Auditing and Statement of Responsibilities.
• Minimal travel may be required (up to 25%).
  
  

Qualifications

Get to know Syneos Health

Over the past 5 years, we have worked with 94% of all Novel FDA Approved Drugs, 95% of EMA Authorized Products and over 200 Studies across 73,000 Sites and 675,000+ Trial patients.

No matter what your role is, you’ll take the initiative and challenge the status quo with us in a highly competitive and ever-changing environment. Learn more about Syneos Health

Qualification Requirements

• Bachelor’s Degree or equivalent in Information Systems, Accounting, Finance, Business, or related field or equivalent combination of experience and education.
• Extensive experience in IT audit, technology risk and compliance or other related roles (general technology controls, application, and pre/post implementation system development reviews) within a public accounting, and/or internal audit function.
• Professional Certification is preferred (CISA, CISSP, CIA, CPA, or equivalent).
• Understanding and working knowledge of major professional audit frameworks and standards such as IIA, COBIT, NIST, ISO, SOX, etc. including working technical knowledge of US GAAP, SEC reporting requirements, COSO, SOX requirements, including PCAOB Auditing Standard No. 5 and latest pronouncements, IIA standards and audit processes and procedures.
• Experience with internal controls evaluation, ITGC, and SOX 404 requirements including all phases of planning, evaluation, documentation, testing and remediation.
• Auditing knowledge of: Oracle e-Business Suite; Oracle Fusion Cloud ERP, Azure cloud infrastructure, identity management, patch and vulnerability management, SQL and Oracle Database security; Windows Operating System and Active Directory Security including Users and Groups, Group Policy, Domain Structures; UNIX / Linux Operating System Security, including Users and Groups, System Configurations, File Permissions, Privileged Accounts, Password Controls.
• Demonstrated proficiency of technology auditing control disciplines (security, application development, change management, or operations).
• Self-starter, able to think analytically, communicates complex issues, and develops control recommendations.
• Must have excellent verbal, written and presentation skills with the ability to present control analysis and recommendations (both technical and non-technical) with clarity and professionalism.
• Experience with using data analytics and visualization tools such as Galvanize (ACL), Alteryx, PowerBI, etc. is a plus.
• Proficient in Microsoft Office suite.
• Proven abilities in taking responsibility for executing concurrently on a portfolio of high-quality deliverables according to strict timetables.
• Effective negotiation skills, a proactive and 'no surprises' approach in communicating issues and strength in sustaining independent views.
• Articulate and effective communicator, both orally and in writing, with an energetic, charismatic, and approachable style.
  
  

At Syneos Health, we believe in providing an environment and culture in which Our People can thrive, develop and advance. We reward and recognize our people by providing valuable benefits and a quality-of-life balance. The benefits for this position may include a company car or car allowance, Health benefits to include Medical, Dental and Vision, Company match 401k, eligibility to participate in Employee Stock Purchase Plan, Eligibility to earn commissions/bonus based on company and individual performance, and flexible paid time off (PTO) and sick time. Because certain states and municipalities have regulated paid sick time requirements, eligibility for paid sick time may vary depending on where you work. Syneos complies with all applicable federal, state, and municipal paid sick time requirements.

The annual base salary for this position ranges from $106,830 to $207,800. The base salary range represents the anticipated low and high of the Syneos Health range for this position. Actual salary will vary based on various factors such as the candidate’s qualifications, skills, competencies, and proficiency for the role.

Disclaimer

Tasks, duties, and responsibilities as listed in this job description are not exhaustive. The Company, at its sole discretion and with no prior notice, may assign other tasks, duties, and job responsibilities. Equivalent experience, skills, and/or education will also be considered so qualifications of incumbents may differ from those listed in the Job Description. The Company, at its sole discretion, will determine what constitutes as equivalent to the qualifications described above. Further, nothing contained herein should be construed to create an employment contract. Occasionally, required skills/experiences for jobs are expressed in brief terms. Any language contained herein is intended to fully comply with all obligations imposed by the legislation of each country in which it operates, including the implementation of the EU Equality Directive, in relation to the recruitment and employment of its employees. The Company is committed to compliance with the Americans with Disabilities Act, including the provision of reasonable accommodations, when appropriate, to assist employees or applicants to perform the essential functions of the job.