Information Security Auditor, Senior

Zebra Technologies

Remote Work: Hybrid

Overview:

At Zebra, we are a community of innovators who come together to create new ways of working to make everyday life better. United by curiosity and care, we develop dynamic solutions that anticipate our customer’s and partner’s needs and solve their challenges.

Being a part of Zebra Nation means being seen, heard, valued, and respected. Drawing from our diverse perspectives, we collaborate to deliver on our purpose. Here you are a part of a team pushing boundaries to redefine the work of tomorrow for organizations, their employees, and those they serve.

You have opportunities to learn and lead at a forward-thinking company, defining your path to a fulfilling career while channeling your skills toward causes that you care about – locally and globally. We’ve only begun reimaging the future – for our people, our customers, and the world.

Let’s create tomorrow together.

The Senior Information Security Auditor leads in the execution of Information Technology (IT) audits, including those audits facilitated over the IT organization and the IT aspects of the company’s financial, operational, and compliance audit projects. Reporting to the Director, Information Security, the Senior Information Technology Auditor may provide guidance to other parts of the organization.

Responsibilities:

Responsible for planning, leading, and executing IT audit projects and the IT portion of integrated audits (other financial, operational, and compliance projects with an IT sub-focus):

Performs upfront Internal Audit project planning, including the definition of audit scope and audit work programs

Leads interviews to understand the business process and application flow and documents the business process in a set of flowcharts or narratives

Evaluates the effectiveness of the design of controls for business processes and executes testing of internal controls, identifying exceptions

Incorporates the use of data analytics where appropriate to improve the audit efficiency and broaden the audited population

Summarizes the audit results in a set of audit workpapers and an audit report and presents results to management

Ensures that Zebra IA methodology is adhered and that workpapers are compliant with the Institute of Internal Auditors Professional Standards for Internal Auditing

Leads or assists in the execution of SOX compliance pre-auditing of the IT General Controls (ITGCs), including the evaluation of the design of these SOX controls, the completion of ITGC SOX walkthroughs, and testing the effectiveness of ITGC SOX controls.

Assists with efforts to evaluate system access and segregation of duties and evaluates the company’s cyber security strategies and processes.

Participates as an independent resource on new systems development and implementation projects to ensure controls are properly designed and in place.

May provide other team members, as relevant, with appropriate guidance during the course of project work.

Ensures that Management and the audited party are kept up to date with audit status and the potential audit findings during the course of fieldwork.

Takes the lead role on complex projects and works under guidance of a Manager or Director on some projects classified as having very high complexity.

Over time, begins to take on responsibilities at the next level.

Provides constructive feedback and concrete action steps to continually improve performance.

Builds a good rapport and solid business relationships with the Zebra Management Team.

Manage department key performance metrics and actively engage in the continuous improvement of the Internal Audit department

Create reports that highlight areas where process or technology (i.e. IT infrastructure) may be improved

Recommend changes to controls, processes, and procedures to ensure data integrity and security and improve operational efficiency and appropriate suggestions to achieve the improvements

Prepare appropriate documentation (e.g. narratives, flowchart, control matrices, segregation of duties analyses, application controls, audit reports, etc.) in support of all assurance and consulting work performed.

Qualifications:

Minimum Qualifications:

Bachelors degree in Accounting Information Systems,

Management Information Systems, Computer Science,

Accounting, or other related Business degree

3 years of experience with a leading public accounting /

consulting firm (focused on IT audit, including at least 1 year

of ERP controls auditing, consulting and/or implementing)

Key Skills and Competencies:

Command over risk and internal controls specific to

information technology, including, but not limited to

those risks and controls specific to system

implementation / change management

Completing tests around financial system controls compliance, IT General Computer Controls (ITGC), and Application Controls

Conduct information security compliance to policy audits (e.g. ISO2700X, NIST, etc.) to evaluate risk, compliance, and control effectiveness, focusing on long-term strategies for a public company

Thorough understanding of audit methodologies

and processes (e.g., COSO, COBIT)

Preferred Qualifications:

General knowledge of ISO 27000 and / or NIST is a

plus.

Experience auditing major ERP systems; Knowledge

specific to Oracle ERP is a strong plus.

Demonstrates some understanding of ERP

core financial modules, projects, some

industry-specific modules and/or bolt-on

products, and GRC technology.

Demonstrates some knowledge of security

and control (including configuration) for ERP

applications and/or technologies.

Demonstrates some knowledge of the

design, implementation, and/or assessment

of controls, including an understanding of

the systems implementation lifecycle, as

well as configuring and optimizing business

process controls and application security

Demonstrates some understanding of

business processes related to core ERP

modules, including knowledge of industryspecific modules/products and/or direct

experience configuring and implementing an

ERP.

Experience with auditing cyber-security and / or

product security (IT security for technology

products) is a plus.

General knowledge of IIA Standards is a plus.

Proficiency in PC-based computer systems, including

Microsoft Office programs and Visio. Knowledge of

audit software such as Teammate AM and ACL is a

plus.

In addition to the core knowledge and skills noted

above, the Senior IT Auditor should have the

following areas of knowledge and / or skill:

Basic understanding of core business

processes

Proficiency in auditing for potential fraud

Proficiency in data analytics procedures /

techniques

Ability to evaluate risk impact and

vulnerability

Ability to navigate through moderate levels

of ambiguity and drive value-added

recommendations

Solid communication skills with a sense of

presence with the management team

Position Specific Information

Travel Requirements: Travel is estimated at 10-15%, potentially including

international travel.

Zebra is an equal opportunity/affirmative action employer committed to a diverse and inclusive workplace All qualified candidates will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, national origin, disability and protected veteran status or any other basis prohibited by law. If you are an individual with a disability and need assistance in applying for a position, please contact us at workplace.accommodations@zebra.com. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment.

Know Your Rights:

https://www.eeoc.gov/sites/default/files/2022-10/EEOCKnowYourRightsscreenreader1020.pdf

Conozca sus Derechos:

https://www.eeoc.gov/sites/default/files/2022-10/22-088EEOCKnowYourRightsSp1020.pdf

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Zebra is a federal contractor and is committed to an alcohol and drug free workplace. As a result, all U.S. based employees are subject to the Drug and Alcohol Free Workplace Policy and Procedure.

Zebra Total Rewards includes more than just pay and is structured to meet the needs of our changing global business and evolving talent. We are committed to providing our employees with a benefits program that is comprehensive and competitive – including healthcare, wellness, inclusion networks, and continued learning and development offerings. We offer community service days, in addition to the traditional insurances, compensation, parental leave, employee assistance program and paid time off offerings depending on the country where you work.

Salary: USD 82500.00 – USD 123700.00 Yearly

Salary offered will vary depending on your location, job-related skills, knowledge, and experience.

Additionally, all Zebra roles are eligible for cash incentive programs. For example, sales roles have additional opportunity to earn substantial variable compensation tied to quota achievement. In most other roles, the Zebra annual cash incentive program links Company and individual performance together. Some roles may also be eligible for long-term incentive equity awards.

To protect candidates from falling victim to online fraudulent activity involving fake job postings and employment offers, please be aware our recruiters will always connect with you via @zebra.com (https://www.zebra.com/ap/en.html) email accounts. Applications are only accepted through our applicant tracking system and only accept personal identifying information through that system. Our Talent Acquisition team will not ask for you to provide personal identifying information via e-mail or outside of the system. If you are a victim of identity theft contact your local police department.

Show Full Vacancy