Senior IT Auditor, IT Audit and Assurance

The Finance team’s goal is to be a trusted and collaborative partner to all the businesses and functional teams that we work with, bringing business acumen, financial expertise and insights to aid decision-making and deliver value to our stakeholders. We strive to generate value through providing specialist advice and making recommendations to optimize decision making, delivering transparent processes and implementing governance and controls to mitigate risk.

Let’s talk about the team:

The primary role of IT Auditor is to assess IT risks throughout the organization, within various information systems and tools, and independently test and document controls to ensure IT risks are appropriately mitigated, both for our internal business process supporting information systems, as well as our customer facing solutions. As an IT Auditor, you will work closely with the other five members of the IT Audit team (based in Sydney, Kuala Lumpur, Dublin and San Diego) to perform IT risk assessments and provide advice that will help ResMed manage IT risks as it continues its Digital Transformation journey.

Let’s talk about the role:

• Participate in and perform IT risk assessments with a focus on SOX, SOC2, HITRUST, GDPR and other security and privacy related assessments in scope for ResMed’s global organization. You will be responsible for assessing the full IT environment including application, database, platform and infrastructure.
• Participate in, and advise on various IT projects, e.g. cloud migrations, RPA initiatives, system or software implementations, operational audits, M&A integration efforts and data security/privacy compliance audits.
• Examine IT controls, evaluate the design and operational effectiveness, determine exposure to risk and assist business and IT to develop remediation plans.
• Follow-up on IT control deficiencies and improvement opportunities to ensure remediation is undertaken and performed in a timely manner.
• Help facilitate and coordinate audit activities undertaken by ResMed’s external auditors.

Let’s talk about you:

• Bachelor’s Degree in ICT/ Technology/ System Security or a relevant discipline required. Equivalent combination of education and experience will be considered.
• Relevant industry certifications e.g., CISSP, CCSP, CISM, CISA, or willingness to obtain these as needed.
• Must have a minimum of 5-7 years of experience in IT Audit, IT Administration, Information Security or other Computer system related field.
• Effective interpersonal, written, and verbal communication skills
• Ability to work independently, attention to detail, and a high level of personal accountability for accuracy, task prioritization, and timely completion.
• The ideal candidate will have demonstrable operational knowledge of and experience with managing IT risks and controls (implementing, executing, or auditing) in cloud environments e.g. Oracle Fusion, Microsoft Azure, Amazon Web Services (AWS) and/or SaaS platforms.

Preferred:

• Working knowledge of Sarbanes Oxley, ISO27001, ISO27002, ISO9001, HIPAA, GDPR, FDA Quality System Regulation, 21 CFR Part 11, 21 CFR Part 820, CSA CCM, SOC Audit requirements.
• Demonstrable operational knowledge of and experience with ERP systems (Oracle E-Business Suite, Oracle Fusion, NetSuite), HR systems (Workday), and/or Warehouse Management Systems (HighJump).
• Understanding of ePHI and cloud platform security and privacy controls.
• Familiarity with / experience using analytics automation (Alteryx) and GRC/e-workpaper (AuditBoard) solutions.
• Familiarity with / experience using Robotic Process Automation solutions (e.g. Automation Anywhere)
• Workshop and facilitation skills to support risk and control assessments.
• Experience working at Big 4 Firm, or internal audit function of a public company in the medical device or manufacturing industry.

#LI-CF

Joining us is more than saying “yes” to making the world a healthier place. It’s discovering a career that’s challenging, supportive and inspiring. Where a culture driven by excellence helps you not only meet your goals, but also create new ones. We focus on creating a diverse and inclusive culture, encouraging individual expression in the workplace and thrive on the innovative ideas this generates. If this sounds like the workplace for you, apply now! We commit to respond to every applicant.