IT SOX Auditor

Company: Grainger

General Information
US-IL-Lake Forest
4 Year Degree
Full-Time
Job Description

Company Information
Grainger is a leading global broad-line supplier of facilities maintenance products serving businesses and institutions. Our 18,000 employees are driven to serve customers and the community in exceptional ways, focusing on delivering the highest level of service. The Grainger team works closely with customers to better understand their challenges and provide cost-saving solutions. Grainger's employees serve customers more than 115,000 times every day through multiple channels. As part of a high-performing team, you’ll be able to develop your talents and make a difference. Grainger is a Fortune 500 company and a perennial member of Fortune magazine's Most Admired Companies list.

 

Primary Function
As part of Grainger’s Global Internal Audit Team, the IT SOx Auditor will primarily be responsible for independently evaluating the design and effectiveness of Grainger’s key IT controls for financial reporting (ICFR) as part of the enterprise SOx 404 assessment. Additionally, this person is expected to develop and maintain effective working relationships with the external auditors and global Controllership teams, including Global Internal Controls Teams and ICFR owners.

 

Principal Duties & Responsibilities
The IT SOx Auditor will work within the general guidelines provided by the Internal Audit Manager and Sr. IT SOx Auditors in connection with Grainger’s SOx 404 process. The role’s key duties and responsibilities are as follows:

  • Assist the Manager and Sr. IT SOx Auditor with the development of the annual SOx testing plan.
  • Assist with planning, performing, and managing field work to evaluate the effectiveness of key IT internal controls for financial reporting (ITGC and Application Controls).
  • Perform detailed testing to ensure risks are appropriately identified, associated audit procedures are applied and related controls are designed and operating to mitigate the identified risks. Identify and update the SOx 404 Framework for control and/or testing changes identified through testing.
  • Assist the Sr. IT SOx Auditor in documenting and reporting control deficiencies upon discussion with business owners, collaborate with business owners regarding recommendations to address the root cause of issues, and report on the status of implementation of management remedial actions.
  • Participate in cross-functional committees designed to enhance overall governance compliance program development and continuous process improvements.
  • Develop and maintain effective working relationships with the external auditors and global Controllership teams, including Global Internal Controls Teams and ICFR owners.
  • Keep up to date with changes in regulations, governance and best practices. Assist the Sr. IT SOx Auditor in reviewing and updating testing procedures and templates to ensure any changes in regulations, governance, or best practices are reflected and incorporated into testing.
  • Assist with Entity Level Controls and SOC-1 Testing.
  • Assist other Internal Audit Managers and Lead Seniors with planning and execution of IT related audits throughout the company during SOx slow times.
  • Maintain professional certifications and related educational requirements as well as other duties assigned by the Internal Audit Manager.
Preferred Education & Experience

Education/Certifications

  • Bachelor's Degree in management/computer information systems, computer sciences, or equivalent combination of education, training, and years of experience is required.
  • Certification in IT compliance standards (e.g., CISA, CISSP, CISM) is a plus.
  • Other relevant professional certification such as Certified Public Accountant (CPA), Certified Internal Auditor (CIA) or Certified Fraud Examiner (CFE) is a plus.
  • Master’s degree or other relevant certification is a plus.
Experience

  • Theoretical and practical knowledge of processes, risks and internal controls.
  • Understanding of audit methodologies, processes and control frameworks (e.g., COSO).
  • PC proficiency in MS Office applications (Excel, Word, PowerPoint, etc.).
  • Excellent verbal and written communication skills in the English language.
  • Ability to communicate succinctly and effectively with operating, divisional and executive management.
  • Strong analytical, deductive and problem solving skills.
  • Excellent interpersonal and organizational skills.
  • Understanding of IT general controls and application controls best practices.
  • Theoretical and practical knowledge of major risk and control frameworks or IT frameworks (e.g., COSO 2013, COBIT, ISO, CMM, ITIL) is a plus.
Work Environment

  • Drive an automobile, carry a laptop PC and other requisite equipment/supplies to remote audit assignments, on an “as needed” basis.
  • Ability to travel (up to 15% of time) including some international assignments.
Impact

  • Deliver value-added assessments and sound advice, good news and bad, in a relevant, concise and clear manner tuned to the audience and with a high level of credibility to be reviewed by executive management and board.
  • Understand business strategy and related risks as well as the financial implication.
  • Assimilate and synthesize complex data and information into a concise conclusion for decision-making.
  • Act and commit to core values and ethical business conduct, and have the backbone to stand up for what is right and necessary.
  • Able to separate people from issues.
  • Work autonomously with a strong attention to detail.
  • Exercise comprehensive and thorough risk assessment, project management, and communication protocol and skills.
Working Relationships

  • Peer relationships with Senior Auditors, Internal Controls Professionals and Business/Operations Professionals.
  • Reports to Manager, Internal Audit and SOx.
  • Informally supervised by the Sr. IT SOx Auditor.
EEOC
Grainger is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, gender identity, sexual orientation, disability, or protected veteran status.

Job Requirements