Overview The Sr Manager IT Internal Audit leads the Sarbanes-Oxley (SOX) IT program and participates in the management and execution of the Enterprise Risk Management (ERM) program. Helps to further develop and improve the SOX and audit programs while managing and performing operational audits. Assess risk and oversees the development of efficient audit plans, concluding and reporting on the adequacy and effectiveness of internal controls, governance, and risk management. Manages and performs the developing and executing of internal audits and contributes to the overall strategy of the Internal Audit function. Guides areas of improvement, identifying automation opportunities within the team, within audits, and for Myriad as a whole. Responsibilities Sarbanes-Oxley Responsible for planning, scoping and ensuring performance of Sarbanes-Oxley Section 404 assessments over IT general and application controls, managing 3rd party co-source as applicable. Ensure alignment and progress with external auditors, periodically report to senior management and prep Audit Committee materials. Perform evaluation of deficiencies from a qualitative and quantitative aspect and determine whether they represent significant deficiencies or material weaknesses. Assist in remediation efforts for open deficiencies. Work with VP Internal Audit to drive efficiencies in SOX program and IT Audit approach and resourcing structure Internal Audit and General Support VP of Internal Audit by leading identification of IT audit plan and approach, working closely with 2nd line of defense. Gather and analyze data as necessary to accomplish IT audit objectives in a timely manner. Plan, scope and perform or lead IT operational and compliance audits and consultative projects. Develop formal reports, clearly expressing approach, objectives and conclusions of areas audited and recommendations to address risks and exposures. Clearly communicate issues and pursue effective and timely resolution. Prepare reports and communication of status and the results of internal audits for Executive Management and the Audit Committee. Support with facilitation of IA Enterprise Risk Management (ERM) activities across all functions including ongoing emerging risk identification and assessment and the further improvement of a uniform and standardized methodology for risk assessment to inform the audit plan and senior leadership. Manage the relationship of external consulting resources that are engaged to assist in the performance of internal control and operational auditing activities. Develop and foster working relationships, focusing on the identification of solutions to issues and continuous improvements in business and accounting processes. Identify and develop agile inspired audit methods and approaches and continuous improvement including use of RPA, analytics and automation where possible. Qualifications Bachelor’s degree required; Information Technology, Business Administration/Management, Computer Science and/or Management Information Systems or other related degree preferred. 8+ years of audit experience, including time working in a management capacity for a corporate Internal Audit function of a U.S. public company and in a public accounting firm (Big 4 experience preferred). Strong knowledge and experience with COSO 13 SOX IT general and application control audits & standards with the ability to assess complex processes to identify potential risks. Strong understanding and ability to identify and evaluate audit considerations on new topics as they arise. Strong knowledge and experience with auditing cybersecurity highly desired, experience with other complex IT topics such as 3rd part vendor programs, Information Security, Data Governance, data transmission, HITRUST, NIST, and ISO 27000 a plus. Strong analytical skills, project management skills, and in-depth knowledge of audit risk assessment methodologies. Proven business acumen, with the ability to lead people and gain results through others. Ability to creatively solve complex problems and balance multiple competing priorities in a solutions-oriented environment. Ability to liaise with IT side and support IT application controls and IT scope decisions from business perspectives. Ability to skillfully manage potentially contentious interactions as needed. Strong communication skills with the ability to interact and influence people across all levels throughout Myriad. Professional IT certification such as Certified Information System Auditor (CISA), Certified Information Systems Security Professional (CISSP) highly desirable. Certified Internal auditor (CIA) or Certified Public Accountant (CPA) a plus. Physical Requirements Lifting Requirements – light work or exerting up to 20 pounds of force frequently. Physical Requirements – stationary positioning, moving, operating, ascending/descending, communicating, and observing. Use of equipment and tools necessary to perform essential job functions. EEO We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. In hiring and all other employment decisions, we prohibit discrimination and harassment on the basis of any protected characteristic, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as any mental health or physical disability needs.
#LI-MH1 #LI-Remote
Robotic Process Automation (RPA) Cost Per Action (CPA) sox entity-relationship Certified Information Systems Security Professional (CISSP)