The Senior IT Auditor is responsible for contributing towards planning, executing, and reporting on operational IT audits, evaluating risks and controls, including application, infrastructure, cloud, data management, SDLC, change management, and IT operations, in accordance with IIA standards and department methodologies. Perform IT SOX control walkthroughs and testing, along with preparing the related documentation. Assess the effectiveness of cybersecurity controls, including identity and access management, vulnerability management, logging and monitoring, incident response, and security governance.
In this role, a typical day might include the following:
Review controls related to cloud computing (e.g., AWS, Azure), SaaS platforms, data lakes, and analytics environments, including shared responsibility models.
Design and execute data analytics‑driven audit procedures using tools such as Dataiku or equivalent, to identify anomalies, trends, and control gaps.
Apply automation, continuous auditing techniques, and responsible use of AI, where appropriate, to improve audit efficiency, coverage, and insight, including assessing AI‑enabled business processes and controls.
Manage timely completion of audit tasks, including communication of status to the auditee and the Manager/Director.
Identify, document, and communicate control deficiencies, root causes, technology risks, and opportunities for improvement, providing practical, actionable recommendations aligned with business objectives.
Present the results of audit work to Internal Audit Management and auditees, including practical recommendations to address identified risks and/or weaknesses in internal controls as well as opportunities to enhance operational efficiencies.
Prepare clear, concise, and professional audit reports and executive‑level presentations for Internal Audit leadership, management, and key stakeholders.
This role might be for you if have experience with :
Advanced knowledge of IT infrastructure, applications, cybersecurity, and automated controls
Strong understanding of SOX, COSO, COBIT, NIST, GxP, GDPR, and other relevant regulatory and governance frameworks.
Strong analytical, critical‑thinking, and problem‑solving skills, with the ability to independently assess risk and propose solutions.
Comfortable working and learning independently and as part of a team
Excellent interpersonal, communication and writing skills, strong organizational abilities, and attention to detail are required
Experience with data analytical tools (e.g. Dataiku, Alteryx, etc.)
Understanding of AI concepts, associated risks (e.g., model governance, data quality, access, ethical use), and internal controls relevant to AI‑enabled processes.
To be considered for this role, you must have a Bachelor's degree with a minimum of 3 - 4 years of progressive experience in IT audit, information security, or technology risk. CISA, CISM and/or CISSP certifications/license preferred. Experience auditing and evaluating infrastructure, cybersecurity risks/controls and auditing operating systems. Pharmaceutical, life sciences, or other regulated industry experience strongly preferred. Big 4 or public accounting experience preferred but not required.
Does this sound like you? Apply now to take your first step towards living the Regeneron Way! We are committed to building a workplace with an inclusive culture. Regeneron is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion or belief (or lack thereof), sex, sexual orientation, gender identity or expression, gender reassignment, marital or civil partnership status, civil status, pregnancy or parental status, age, disability, nationality, citizenship status, ethnic or national origin, membership of the Traveler community, familial status, genetic information, military or veteran status, or any other characteristic protected under applicable law. Where required, we will provide reasonable accommodation to applicants with known disabilities or chronic illnesses during the recruitment process, unless such accommodation would impose undue hardship.
Where necessary, we disclose salary ranges for roles in all countries in which we operate. The final offer will be determined within the relevant range based on the country of employment, specific role level, and your skills and experience. In some countries, collective bargaining agreements (CBAs) may apply and influence certain elements of pay or benefits. Regeneron offers a competitive and comprehensive total rewards package which may include, depending on country and role: annual bonuses or other incentive plans, equity awards, pension or retirement benefits, 401(k) company match, health and wellness programs, fitness centers, insurance benefits (e.g. medical, dental, vision, life and disability), paid time off, and family support benefits. For additional information about Regeneron benefits in the U.S., please visit https://careers.regeneron.com/en/working-at-regeneron/total-rewards/. For other locations, additional information will be provided during the recruitment process. If you have any questions, please speak with your recruiter.
Please be advised that at Regeneron, we believe we do our best work when we are together. For that reason, many roles are required to be performed on‑site. Please speak with your recruiter and hiring manager for more information about on‑site expectations for your role and location.
As part of the recruitment process, certain background checks may be conducted in accordance with the laws of the country where the position is based. The purpose of such checks is to verify certain information prior to the commencement of employment such as identity, right to work and educational qualifications.
For jobs in Canada: this posting is for an existing position.
Salary Range (annually)
$93,900.00 - $153,300.00Skills Required
- Bachelor's degree with a minimum of 3-4 years progressive experience in IT audit, information security, or technology risk.
- Advanced knowledge of IT infrastructure, applications, cybersecurity, and automated controls.
- Strong understanding of SOX, COSO, COBIT, NIST, GxP, GDPR, and other relevant regulatory and governance frameworks.
- Experience performing IT SOX control walkthroughs and testing and preparing related documentation.
- Experience auditing and evaluating infrastructure, cybersecurity risks/controls, and operating systems.
- Experience with data analytical tools (e.g., Dataiku, Alteryx) and designing data-driven audit procedures.
- Experience reviewing controls related to cloud computing (e.g., AWS, Azure), SaaS platforms, data lakes, and analytics environments.
- Understanding of AI concepts, associated risks, model governance, and controls for AI-enabled processes.
- Excellent interpersonal, communication, writing, organizational skills, and attention to detail.
- CISA, CISM and/or CISSP certifications/licenses.
- Pharmaceutical, life sciences, or other regulated industry experience.
- Big 4 or public accounting experience.
Regeneron Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Regeneron and has not been reviewed or approved by Regeneron.
-
Healthcare Strength — Medical, dental, and vision coverage is positioned as comprehensive, with Regeneron prescription drugs covered at 100% for those enrolled in the medical plan. Mental health support is also emphasized through EAP access and tools like Talkspace and the Journey app.
-
Equity Value & Accessibility — Stock grants are described as available to all employees, strengthening the overall total-rewards package beyond base pay. Long-term incentives and stock-related rewards are repeatedly framed as meaningful components of compensation.
-
Parental & Family Support — Paid parental leave is paired with fertility/adoption assistance and childcare-related support such as discounts and nanny services. Additional family-oriented resources extend to elder care, pet care, and education support like college coaching and tutoring.
Regeneron Insights
What We Do
At Regeneron we believe that when the right idea finds the right team, powerful change is possible. As we work across our expanding global network to invent, develop and commercialize life-transforming medicines for people with serious diseases, we’re establishing new ways to think about science, manufacturing and commercialization. And new ways to think about health. Connect with us so we can learn more about you, and you can learn more about our biopharmaceutical medicines. And join us, as we build a future we believe in. Please visit www.regeneron.com/social-media-terms for information on how to engage with us on social media. An important note about privacy: Regeneron is committed to your privacy and will not ask for sensitive personal information such as social security number, date of birth or bank account details via email or social media.
