At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at
Job Function: Finance
Job Sub Function: Internal Audit
Job Category: People Leader
All Job Posting Locations: New Brunswick, New Jersey, United States of America
Job Description: Johnson & Johnson Global Audit & Assurance (GAA) organization is seeking a Lead Technology Auditor. The preferred location for this position is New Brunswick, NJ.
Global Audit & Assurance's primary mission is to provide independent, objective assurance and advisory services to assist management in maintaining compliance with government and industry regulations, mitigating risk, and achieving operational excellence. To this end, the Technology Audit function conducts Risk Based Reviews of information resources across the Johnson & Johnson Family of Companies to evaluate internal controls' adequacy and develop recommendations for improvement. Information resources include business-critical applications such as SAP, JD Edwards, and Business Planning and Control Systems, as well as the related technology infrastructure, data, facilities, organizations, privacy, cybersecurity, and business processes.
Responsibilities: - Lead a team of auditors during audit engagements providing guidance, delegation, and feedback
- Provide leadership and coaching to a subordinate staff of Technology audit professionals and Global Audit & Assurance team members
- Influence without authority, both internal to GAA, and external partners (e.g., IT, Business/Process Owners)
- Effectively lead Third Party co-source relationships for audit engagements
- Auditing of sophisticated IT environments serving as the Team Coordinator on audit engagements
- Performing the following audit activity with limited supervision from IT Audit Managers
- Capturing and analyzing info rmation to identify key risks and corresponding controls
- Systematically testing and evaluating controls to verify efficiency and effectiveness of operation, reliability of data, and compliance with applicable laws and regulations
- Recommending control improvements
- Communicating findings and recommendations to management
- Documenting audit work using automated audit management tools
- Performs root cause analysis and articulates control deficiencies and remediation techniques both internally and with senior management
- Tracking, Monitoring, and following up on the status of corrective actions until closure
- Lead and perform ongoing risk assessments of capabilities throughout the enterprise, including but not limited to IT control design and processes
- Independently assess the design and operating efficiency of internal controls over financial reporting
- Coordinates & performs ongoing control testing consistent with the J&J SOX 404 program guidelines
- Coordinate and manage interactions with multi-functional and cross-geographical teams both internally and externally, as necessary
- As part of the audit process, the Lead IT Auditor identifies internal control best practices and promotes their adoption across the enterprise
- In addition, Lead IT Auditors to provide training to other department and affiliate organizations members and may lead Internal Audit improvement projects using appropriate methodologies.
Qualifications - A Bachelor's degree (BA/BS) is required.
- A minimum of 4 years of information technology, audit, or assurance and advisory experience is required, preferably with a Big 4 or leading risk advisory/ public accounting firm. Must have knowledge of Master Data, system configuration, and process controls.
- Experience with the design, development, and implementation of internal controls for large ERP systems preferred.
- Analytical skills; specifically, the ability to assess and decompose processes utilizing a risk and control focus
- Good understanding of IT & Information Security Management Frameworks and standards such as ISO, SANS, COBIT, ITIL, CSA, and regulations such as SOX, PCI Compliance, and HIPAA with demonstrated proficiency in one or more of the following areas is required: ERP systems (SAP, JD Edwards), information security, program/project management, and/or infrastructure services (operating systems, databases, network).
- Experience with Cyber Security risk and control is preferred
- Experience with SAP HANA is preferred High level of self-confidence, strong people and management skills and proven leadership ability, strong influencing skills
- Experience interacting with all levels of management is required.
- Exposure or understanding of control concepts and processes with practical experience in regulatory compliance, internal audits, risk management, process improvement preferred
- Professional security, audit, or control-related certification, such as CISSP, CISA, CRISC, or CIA, is strongly preferred.
- Excellent presentation and written communication skills
- English fluency (written and verbal) is required; fluency in multiple languages is a plus.
- Must have the ability to work in a highly collaborative, team-oriented environment
- Willingness to travel domestically and internationally is required (up to 40%)
The anticipated base pay range for this position is : $91,000-$147,200 Additional Description for Pay Transparency:
The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis. Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k . This position is eligible to participate in the Company's long-term incentive program. Employees are eligible for the following time off benefits: Vacation - up to 120 hours per calendar year Sick time - up to 40 hours per calendar year; for employees who reside in the State of Washington - up to 56 hours per calendar year Holiday pay, including Floating Holidays - up to 13 days per calendar year of Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. The compensation and benefits information set forth in this posting applies to candidates hired in the United States. Candidates hired outside the United States will be eligible for compensation and benefits in accordance with their local market.