Analyst - Staff IT Auditor

at  Lilly

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.
The IT Staff Auditor position is responsible for efficient and effective execution of audit engagements and projects. The auditor works with audit teams on domestic and global audits designed to test compliance with good internal control practices and corporate policies and procedures. Responsibilities include: identifying and assessing risks, measuring policy and procedure compliance, influencing action plans, partnering with affiliate management and process owners to complete and improve audit processes, and sharing of best methods and key learning across the organization.

While audits may include finance, ethical conduct (e.g. marketing and sales, medical), and Governance controls, the emphasis of this role is on IT and Information Security controls. The auditor may assist legal in conducting investigations and assessments when needed.

• Audit Execution: Effectively partner with Lilly personnel for the purpose of identifying control risks relative to current regulations, policies, and procedures.
• Process Ownership: Identify process improvements and work with key partners and team members to ensure that appropriate risks are addressed and that process changes are made in accordance with external guidelines and internal policies and procedures.
• Communication: Understand critical or unmet needs by actively engaging in ongoing dialogue with auditees, affiliate management, audit team members, and business partners about risks and how Corporate Audit Services evaluates risk.
• Support People: Provide continuous learning and contribute to an atmosphere of teamwork.

BASIC QUALIFICATIONS/REQUIREMENTS

• Bachelor’s Degree in Computer Science, Information Systems, or Software Engineering or related field
• 2 or more years of work or educational experience in IT and/or IS
• Qualified applicants must be authorized to work in the United States on a full-time basis. Lilly will not provide support for or sponsor work authorization and/or visas for this role

ADDITIONAL SKILLS/PREFERENCES

• Knowledge of software engineering and cybersecurity concepts
• Understanding of IT General Controls and their implications.
• Understanding of Privacy regulations
• Experience with automation and data validation
• Working knowledge of SAP
• Knowledge of NIST and COBIT Framework
• Willingness to work towards and obtain professional certification in IT/IS or audit area (CISA, CIA, CISSP, etc.)
• Audit, quality, regulatory, or comparable experience
• Strong learning agility
• Strong time management and project management capabilities
• Demonstrated critical thinking skills
• Superb communication (oral and written), interpersonal and influencing skills
• Ability to work both independently and within a team environment

• Audit Execution: Effectively partner with Lilly personnel for the purpose of identifying control risks relative to current regulations, policies, and procedures.
• Process Ownership: Identify process improvements and work with key partners and team members to ensure that appropriate risks are addressed and that process changes are made in accordance with external guidelines and internal policies and procedures.
• Communication: Understand critical or unmet needs by actively engaging in ongoing dialogue with auditees, affiliate management, audit team members, and business partners about risks and how Corporate Audit Services evaluates risk.
• Support People: Provide continuous learning and contribute to an atmosphere of teamwork