As a member of the Internal Audit team, this individual will be involved in performing Kimberly Clark’s audit activities to primarily identify and assess technology related risks and controls, as well as operational, compliance, and business process risk and controls. The Sr. IT Auditor will provide project-level supervision to junior members of the Internal Audit team. Where necessary, the individual will work with external service providers. By executing audit activities, the individual will objectively evaluate key risk areas to identify meaningful, value-added improvement opportunities and share results with management.
Specific activities related to the execution of audit activities will include:
- Serve as a key participant in advancing the data analysis capabilities of the Internal Audit department
- Identify opportunities to partner with audit teams and utilize analytics to improve risk assessment, audit coverage and execution, and/or identification of issues
- Independently, and/or in coordination with Audit Management and staff perform internal audits of IT activities and other business functions to determine compliance with internal policy, regulatory requirements, FFIEC guidance and industry standards.
- Review IT general controls, management self-assessments, system documentation and K-C artifacts to assess risk-based control effectiveness.
- Review business unit service provider management reports (e.g., SOC reports), due diligence, service level agreements and other supporting documentation to determine the adequacy of vendor management controls.
- Conduct risk-based focused audits and independent reviews to address prior audit issues, exam findings, control deficiencies that require immediate or planned follow-up, requested by Board Committees or the Audit Committee and agreed up by the VP of Internal Audit.
- Provide consulting support to the Information Technology department and business units in both structured and informal projects.
- Maintain IT Audit standards, procedures, files, and resource information in accordance with ISACA, IIA and K-C guidelines and policies.
- Conduct special assignments as requested by the Senior IT Audit Manager.
- Maintain a working knowledge of information security assessment industry standards/best practices and compliance with information security-related laws and regulations (e.g., SEC, PCI-DSS, HIPAA, and other state/regulatory data privacy laws).
- A minimum of 3 or more years of professional information technology auditing, control or security work experience is required.
- A bachelor’s degree, is required. A bachelor’s degree in Computer Science, Computer Information Systems, Technology, or Auditing is preferred.
- Certification as a Certified Information System Auditor (CISA), or Certified Information Systems Security Professional (CISSP) is preferred.
- Experience working with and auditing of network and infrastructure technology, including information security and policy controls, cybersecurity assessments, database administration systems, disaster recovery planning, systems development life cycle and project management control practices.
- Knowledge of the Information Systems Audit and Control Association’s (ISACA) Control Objectives for Information and Technology (COBIT) standards, ITIL, NIST, ISO27002
- Working knowledge of information security assessment industry standards/best practices and compliance with information security-related laws and regulations (e.g. SEC, PCI-DSS, GDPR, HIPAA, and other state/regulatory data privacy laws).
- Experience in the use of automated audit computer software tools (e.g., ACL, ACCESS, VISIO, Tableau) to perform internal network assessments, database monitoring, and auditing is required; experience with data analytics preferred.
- Demonstrated proficiency with Windows, Microsoft Office software (Excel and Word) and audit documentation software.
- Possess good judgment, ability to accept responsibility and handle confidential information.
- Accurate work, with strong attention to detail.
- Excellent verbal and written skills required.
- Must be a self starter with organizational and planning skills and able to complete assignments in assigned time-frames.
- Customer service oriented.
- Ability to travel 20% – 40%, both international and domestic.
- Understanding of manufacturing and/or consumer products industries.
- Experience with SAP Hana, Tableau, Scripting, Data Analytics
- Working knowledge of CCH TeamMate Audit Management Software.
- Bilingual (written and spoken)
Kimberly-Clark and its well-known global brands are an indispensable part of life for people in more than 175 countries. Every day, 1.3 billion people – nearly a quarter of the world’s population – trust K-C brands and the solutions they provide to enhance their health, hygiene, and well-being. With brands such as Kleenex, Scott, Huggies, Pull-Ups, Kotex, and Depend, Kimberly-Clark holds No.1 or No. 2 share positions in more than 80 countries. With more than 140 years of history of innovation, we believe in recruiting the best people and empowering them do their best work. If fresh thinking and a passion to win inspire you, come Unleash Your Power at Kimberly-Clark.
Kimberly-Clark is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation, gender identity, age, pregnancy, genetic information, citizenship status, or any other characteristic protected by law.
The statements above are intended to describe the general nature and level of work performed by employees assigned to this classification. Statements are not intended to be construed as an exhaustive list of all duties, responsibilities and skills required for this position .
This position may require a post-offer/pre-hire Physical Abilities Test (PAT) to confirm that individuals are able to perform the essential functions of the job.
K-C requires that an employee have authorization to work in the country in which the role is based. In the event an applicant does not have current work authorization, K-C will determine, in its sole discretion, whether to sponsor an individual for work authorization. However, based on immigration requirements, not all roles are suitable for sponsorship.
This position is subject to drug and alcohol testing, including pre-employment testing.
This role is available for local candidates already authorized to work in the role’s country only. K-C will not provide relocation support for this role outside of country, this role is available for in-country relocation only.