Short DescriptionAbbott is looking for an Analyst who can evaluate the scope of planned testing activities for assigned audits and align with integrated controls framework.
- Provide Compliance and Audit support for the BTS IT organization.
- Evaluate the scope of planned testing activities for assigned audits and align with integrated controls framework.
- Support all phases of audits of IT systems from preparation to the discussion of any identified deficiencies.
- Assist the IT organization by assessing their compliance level for all key processes and in the development and implementation of associated remediation plans.
- Establish and maintain productive relationships with all audit, compliance and IT stakeholders including external partners.
- Champion change, innovation, and process thinking.
- Identify and execute on the need for an update and/or improvement to the integrated controls framework based on monitoring trends and/or control environment changes Risk Evaluation and Remediation.
- Evaluate and prioritize remediation activities and execute risk acceptance process where appropriate√? Practices appropriate risk-based root cause analysis methodology that considers the organization's strategic direction and priorities.
- Represent Compliance on regional process improvement and remediation initiatives.
- Advise on rollout and management of enterprise compliance initiatives and support compliance strategy in enterprise initiatives as a representative of Quality and Regulatory Compliance.
- Bachelors Degree in Information Technology or equivalent plus 5+ years of related work experience with IT general controls, data privacy, and audit support, or an equivalent combination of education and work experience.
- Minimum Experience/Training Required:
- Strong analytical skills and the ability to organize work in a logical, thorough and succinct manner.
- Highly self-motivated, goal orientated, and self-directed
- Good understanding of SOX, General IT Controls, and Data Privacy Regulations. Previous auditor experience preferred.
- Good understanding of Access Management controls. Previous application security experience preferred.
- Good understanding of Information Security - CISSP / CISA or similar certification preferred but not essential.
- Good understanding of IT systems and controls including ERPs, Web systems, e-commerce, data centers, network infrastructure, patching, access controls, databases, CRM, cloud systems etc.
- Familiarity with risk management principles, regulatory requirements and, industry best practices.
- Flexibility to adapt to changing assignments and ability to effectively prioritize
- Excellent ability to communicate effectively, both verbally and in writing to all levels of management
- Ability to express a point of view, and advise on risk and control considerations