Manager, IT Compliance and SOX (Remote)
Job Description Summary
Reporting to the Director, TGS Risk & Compliance, the IT Compliance and SOX Manager is responsible for maintaining the IT SOX control framework, managing the IT Compliance analysts, and supporting the Technology and Global Services (TGS) team members throughout the annual SOX audits. This individual will be responsible for leading the global IT compliance activities which include Sarbanes-Oxley IT controls oversight and coordination of EY IT audit engagement.
Be part of something bigger!
BD is one of the largest global medical technology companies in the world and is advancing the world of health by improving medical discovery, diagnostics and the delivery of care. We have over 65,000 employees and a presence in virtually every country around the world to address some of the most challenging global health issues.
Primary responsibilities will include:
Accountable for overall IT Compliance activity execution; demonstrates progress toward pre-established objectives, assesses risk and implementation strategies to ensure successful delivery of IT Compliance program
Accountable for maintaining the IT SOX control framework and ensuring compliance with IT SOX regulations and external auditor regulations. IT SOX specific responsibilities include:
Managing the planning of the IT SOX compliance program and coordinating with our external auditors, EY, to scope the annual IT SOX audit
Act as the main point of contact with the external auditors in terms of planning, request status, remediation planning, closure of IT SOX issues before year end, and pushing back on behalf of Management where necessary
Managing the IT Compliance team to ensure everyone has clearly assigned activities with understanding of deliverables and due dates
Ensuring the IT Compliance team understands the responsibility to review evidence prior to it being provided to EY for testing
Engage with IT leadership to ensure they are aware of IT SOX Compliance activities throughout the year including scope of audit, compliance deliverables and remediation monitoring
Deployment of IT SOX to new businesses / applications in scope (either new acquisitions or legacy businesses that have risen above the materiality threshold)
Controls guidance going forward
Periodic monitoring of controls throughout their life span
Evaluating IT changes and projects to determine whether the changes or new system implementations are SOX applicable as part of BD’s Regulatory Assessment Process
Supporting IT Projects (SDLC controls) for IT SOX systems to ensure that implementations or major upgrades for SOX relevant systems are following BD’s IT control framework
Working with the project teams to ensure that the SDLC IT General Controls are followed throughout the life cycle of a project
Supporting IT Compliance assessments of relevant TGS projects
Develop IT Compliance team capabilities and mentor staff to provide career growth and learning opportunities
Work with control owners throughout the year to assist with improving IT control processes
Evaluate changes in process, people, and technology that may have an impact to internal control over financial reporting (may include process changes, new accounting pronouncements, and/or system implementations). Document SOX impact and provide controls guidance and training, as required
Conduct Annual SOX compliance training for the IT organization
Maintain IT control checklists and other documentation that is leveraged to foster continuous compliance for IT SOX controls
Manage co-source provider for the IT Management testing team and work to establish reliance approach with external auditors
Relationship Management for Outsourced service providers to help design Compliance program that aligns with Company objectives
Manage updates to test results in Archer and maintain control library within Archer GRC ensuring accuracy
Ensure the IT Compliance Analysts are trained and understand their responsibilities as it relates to SOX compliance
Qualifications and Experience:
Candidate will be able to leverage past experiences and knowledge to provide advice on optimal solutions for implementation of effective IT controls to strengthen our processes, reduce risk and sustain compliance requirements. Maintains effective communication with team members and functional leadership in all activities required to plan, perform, monitor, and support the global IT compliance and SOX work.
5+ years’ experience with IT controls and SOX compliance
Experience with managing a team
Shows effective project management skills, the ability to be a self-starter, and able to effectively manage workload
Advanced knowledge of IT controls and SOX regulations
Experience with testing and reviewing the testing of IT SOX controls
Familiarity with PCAOB requirements and evolving points of emphasis preferred
Experience with evaluating IT control deficiencies and the development of action plans to remediate control deficiencies, including guiding IT organizations on creating new controls to address design gaps
Understands business processes, particularly information technology related areas, and related master data
Has a working knowledge of SAP, preferably at a super user level
Has knowledge and experience with business processes to understand the business operations and can propose improvements or new alternatives that will assist BD locations in their efforts to implement the global business process in a controlled manner
Can work well within a complex team environment composed of virtual team members located across multiple regions
Ability to effectively partner with business functions as well as a 3rd party service provider team
Understands the value of process-oriented approaches as well as ability to establish and monitor key metrics
Experience in projects accountable for leading change is a definite plus
Preferably has experience with JDE and Archer GRC
Knowledge of Information Security Risk is preferred
Big 4 or equivalent experience preferred
A bachelor’s degree in a subject related to one of the following functions: Information Technology, Management, Information Security, Finance, or related discipline. CISA, CISM, CRISC, CISSP or other relevant certification preferred.
For many roles at BD, employment is contingent upon the Company’s receipt of sufficient proof that you are fully vaccinated against COVID-19. In some locations, weekly testing for COVID-19 may be available instead of vaccination. Consistent with BD’s Workplace Accommodations Policy, requests for accommodation will be considered pursuant to applicable law.
Why join us?
A career at BD means being part of a team that values your opinions and contributions and that empowers you to bring your authentic self to work. Here our associates can fulfill their life’s purpose through the work that they do every day.
You will learn and work alongside inspirational leaders and colleagues who are equally passionate and committed to fostering an inclusive, growth-centered, and rewarding culture. Our Total Rewards program — which includes competitive pay, benefits, continuous learning, recognition, career growth, and life balance components — is designed to support the varying needs of our diverse and global associates.
To learn more about BD visit https://jobs.bd.com/
Becton, Dickinson and Company is an Equal Opportunity/Affirmative Action Employer. We do not unlawfully discriminate on the basis of race, color, religion, age, sex, creed, national origin, ancestry, citizenship status, marital or domestic or civil union status, familial status, affectional or sexual orientation, gender identity or expression, genetics, disability, military eligibility or veteran status, or any other protected status.
Primary Work Location
USA NJ - Franklin Lakes
“We are a company that aims for concrete results and where our associates work every day to improve health care. Many initiatives are under way to make BD a global leader in medical technology.”
Anonymous, Franklin Lakes, NJ