Associate Director Global Internal Audit

Profile

Bristol-Myers Squibb is a global Biopharma company committed to a single mission: to discover, develop, and deliver innovative medicines focused on helping millions of patients around the world in disease areas such as oncology, cardiovascular, immunoscience and fibrosis.

Join us and make a difference. We hire the best people and provide them with a work environment that places a premium on diversity, integrity, collaboration and personal development. Through a culture of inclusion, we create a better, more productive work environment. We believe that the diverse experiences and perspectives of all our employees help to drive innovation and transformative business results.

The Associate Director, Global Internal Audit, leads teams assigned primarily to IT audits in addition to operational, financial, compliance, third-party and strategic audits across business units and functions. Responsibilities include managing all audit phases, i.e., conducting risk assessments to determine audit scope, executing risk-based audit procedures and identifying/reporting on observations as well as process improvements. Drives special projects and continuous improvement initiatives. Coaches and mentors 3-5 direct reports and other team members. Participates with the Chief Audit Officer and the Directors in developing and updating the risk-based, dynamic audit plan.

Responsibilities:

Assist in the development of risk-based audit plan content and related goals for the department.

Manage audits of critical and emerging technology and processes (e.g. Cybersecurity, Data Governance, DevOps, etc.), new and existing business applications/solutions and technology infrastructure components providing guidance to the audit team regarding business and control risks and technical concepts. Understand risks related to complex platforms (e.g. cloud), ERP and related applications. Manage integrated and non-IT audits as needed. Manage assigned team (internal and co-sourced) in assessing risk, establishing project scope, audit program design and execution of control design and operating effectiveness tests.

Coach teams to effectively assess risks and controls during planning to develop a risk-based audit scope considering input from key stakeholders.

Propose and execute audit programs and testing procedures that address highest risks for activities in scope and drive execution of the audit/project to BMS and IIA standards.

Ensure all engagements are completed in line with BMS and IIA standards.

Coordinate engagement plans and schedules with other GIA leaders to ensure efficient and effective resource allocation.

Liaise with other risk management functions, to further audit plan execution, coordination and understand the results of work performed by such functions; Act in an advisory capacity (given departmental independence) with respect to these matters where appropriate.

Contribute to departmental initiatives as needed, including developing or presenting content.

Effectively manage cross-functional departmental staff, including co-sourced audit resources. Effectively perform all HR related company processes including performance management, team mentoring and development planning.

Drive the preparation of the report for each engagement ensuring findings, action items and recommendations are practical and actionable. Communicate effectively with internal and external management to align on audit observations and recommendations.

Participate in department recruiting efforts to identify, recruit and onboard talent.

Coach/mentor direct reports and staff assigned to audits.

Foster an inclusive and feedback-rich environment.

Develop strong networks with key stakeholders to identify audit plan input, identify and cascade to relevant people, process and system changes to GIA, and act as a resource to them on control/process issues.

Monitor and cascade emerging risks and changes in Company policies and procedures, auditing standards and industry practices/regulations, to suggest changes to audit plans and procedures.

Identify, lead and participate in continuous improvement initiatives.

Quickly recognize the existence of a problem, its business relevance, and determine a logical solution.

Ensure that opportunities for making control and operational improvements are identified.

Participate in enterprise-wide initiatives

In addition, other job duties that may be assigned may be modified at any time as both the departmental and company needs require.

Qualifications:

BS/BA or equivalent required; MBA or other advanced degree desired

Professional certification required including, CISA; a CPA or CIA is also preferred. Other risk management related certifications, such as CISSP or CIPP are desired.

Auditing experience required. A minimum of 10 years of prior experience in IT auditing with broad experience across financial, operational, business controls, or compliance areas and the ability to audit across multiple risk areas individually and in an integrated audit strongly preferred.

Experience with a Big Four firm and internal audit is preferred.

Experience managing direct reports required.

Standards/Frameworks/Regulations - Knowledge of IIA standards, COBIT and ITIL required. Knowledge of GAAP and industry specific compliance regulations (anti-bribery, promotional practices, and data privacy) preferred.

Ability to present and write concisely and clearly to all management levels.

Process Design and Analysis - Ability to analyze controls and complex processes and assess their efficiency and effectiveness.

Strong understanding of IT controls across layers (i.e. application, database, network) and various technologies required. Excel/Word/PowerPoint capability required; Data analytics experience preferred (specifically with visualization tools such as Tableau or Spotfire).Experience with ERPs, such as SAP or Oracle, desired.

Language - English required, fluency in additional language(s) preferred

Ability to travel globally - up to 35% of the time.

Bristol-Myers Squibb recognizes the importance of balance and flexibility in our work environment. We offer a wide variety of competitive benefits, services and programs that provide our employees the resources to pursue their goals, both at work and in their personal lives.

Company: Bristol-Myers Squibb

Req Number: R1522890_EN

Updated: 2020-03-10 00:00:00.000 UTC

Location: Princeton,New Jersey

Bristol Myers Squibb is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, pregnancy, citizenship, marital status, gender expression, genetic information, political affiliation, or any other characteristic protected by law.

Company info

Bristol-Myers Squibb Company
Website : http://www.bms.com