Note: The job is a remote job and is open to candidates in USA. CVS Health is dedicated to building a world of health around individuals, and they are seeking a Senior Analyst for their Corporate IT SOX Audit team. This role involves executing the annual Sarbanes-Oxley internal audit, collaborating with business partners and external auditors, and recommending improvements to IT compliance processes.
Responsibilities
• Effectively perform and document IT SOX audit activities in accordance with professional standards and the organization’s audit methodology
• Execute testing and create work paper documentation
• Understand procedures, results and business impacts; and document and express such understanding in both written and verbal form
• Perform detailed review testing to analyze and validate information and provide constructive feedback to preparers to enhance the quality of testing work papers
• Demonstrate the ability to accurately document ITGC process workflows and data flows
• Create clear and accurate documentation and workflows of technology processes and test results and exceptions
• Work in a fast-paced, collaborative setting with cross-functional teams
• Lead individual project components and testing areas; oversee the work of more junior auditors and/or interns
• Independently collect facts, utilize strong analytical capabilities to recommend appropriate actions on complex matters, and effectively communicate status and results in a concise, timely manner
• Reports related audit findings to audit and business stakeholders
• Interacts with various levels of Internal Audit and business line management to resolve issues in a timely manner and to maintain effective communications
• Consider SOC reporting and other compliance impact for controls which are tested once and applied for other compliance purposes
• Meets administrative reporting requirements and supports department initiatives
• Demonstrates a commitment to integrity and the company code of conduct, and a respect for diversity and inclusion
• Contribute to overall Internal Audit Department team norms to promote a positive environment and improve team effectiveness
• Keep current of relevant technology developments and evolving IT risk areas
Skills
• 2+ years' experience in IT SOX Audit, IT SOX Compliance, Control Validation, Risk Assessment, or Risk Consultant role
• Ability to travel up to 10%
• Must be willing to work 8:00am-5:00pm EDT or CDT
• Bachelor's Degree or equivalent experience (HS diploma + 4 years relevant experience)
• Professional designations such as CPA, CIA, CISA etc., or progress towards achieving such designations
• In-depth knowledge and understanding of Sarbanes Oxley regulation including its requirements, regulations, and implications for financial reporting and internal controls
• Prior experience in strategizing, planning, and developing technology audit project plans
• Healthcare, Insurance, or Retail industry business practices and risks
• Familiarity with Cloud environments and data classification and protection concepts. IT processes - including applications and infrastructure, security and vulnerability assessments, change control, asset management, disaster recovery, data privacy, and IT risk assessment, automated control environments, cybersecurity best practices, cloud security controls etc
• Familiarity with the following concepts: Information Risk Frameworks (NIST 800-53, COBIT 5, ISO/IEC 27001/2, HITRUST, PCI DSS), eGRC tools, and IIA Standards, Data Privacy regulations and industry standards (e.g. HIPAA, GDPR, CCPA)
• Good teamwork and collaboration skills
• Strong oral/written communication, critical thinking, problem resolution and interpersonal skills with proven ability to influence and collaborate with external and internal partners at all levels
• Excellent analytical and problem-solving abilities
• Ability to work independently and manage multiple priorities
• Detail-oriented with a high level of integrity and professionalism
• Practical knowledge of processes, risks, and internal controls
Benefits
• Affordable medical plan options
• 401(k) plan (including matching company contributions)
• Employee stock purchase plan
• No-cost programs for all colleagues including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching
• Benefit solutions that address the different needs and preferences of our colleagues including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility
Company Overview
• CVS Health is a health solutions company that provides an integrated healthcare services to its members. It was founded in 1963, and is headquartered in Woonsocket, Rhode Island, USA, with a workforce of 10001+ employees. Its website is https://www.cvshealth.com/.