BD Veterans

Job Information

BD (Becton, Dickinson and Company) Manager, IT Compliance and SOX in San Antonio, Texas

Job Description SummaryReporting to the Director, TGS Risk & Compliance, the IT Compliance and SOX Manager is responsible for maintaining the IT SOX control framework, managing the IT Compliance analysts, and supporting the Technology and Global Services (TGS) team members throughout the annual SOX audits. This individual will be responsible for leading the global IT compliance activities which include Sarbanes-Oxley IT controls oversight and coordination of EY IT audit engagement.

Job Description

Primary responsibilities will include:

  • Accountable for overall IT Compliance activity execution; demonstrates progress toward pre-established objectives, assesses risk and implementation strategies to ensure successful delivery of IT Compliance program

  • Accountable for maintaining the IT SOX control framework and ensuring compliance with IT SOX regulations and external auditor regulations. IT SOX specific responsibilities include:

  • Managing the planning of the IT SOX compliance program and coordinating with our external auditors, EY, to scope the annual IT SOX audit

  • Act as the main point of contract with the external auditors in terms of planning, request status, remediation planning, closure of IT SOX issues before year end, and pushing back on behalf of Management where necessary

  • Managing the IT Compliance team to ensure everyone has clearly assigned activities with understanding of deliverables and due dates

  • Ensuring the IT Compliance team understands the responsibility to review evidence prior to it being provided to EY for testing

  • Engage with IT leadership to ensure they are aware of IT SOX Compliance activities throughout the year including scope of audit, compliance deliverables and remediation monitoring

  • Deployment of IT SOX to new businesses / applications in scope (either new acquisitions or legacy businesses that have risen above the materiality threshold)

  • Assessment

  • Controls Design

  • Controls documentation

  • Controls deployment

  • Audit support

  • Remediation management

  • Controls guidance going forward

  • Periodic monitoring of controls throughout their life span

  • Evaluating IT changes and projects to determine whether the changes or new system implementations are SOX applicable as part of BD’s Regulatory Assessment Process

  • Supporting IT Projects (SDLC controls) for IT SOX systems to ensure that implementations or major upgrades for SOX relevant systems are following BD’s IT control framework

  • Working with the project teams to ensure that the SDLC IT General Controls are followed throughout the life cycle of a project

  • Supporting IT Compliance assessments of relevant TGS projects

  • Develop IT Compliance team capabilities and mentor staff to provide career growth and learning opportunities

  • Work with control owners throughout the year to assist with improving IT control processes

  • Evaluate changes in process, people, and technology that may have an impact to internal control over financial reporting (may include process changes, new accounting pronouncements, and/or system implementations). Document SOX impact and provide controls guidance and training, as required

  • Conduct Annual SOX compliance training for the IT organization

  • Maintain IT control checklists and other documentation that is leveraged to foster continuous compliance for IT SOX controls

  • Manage co-source provider for the IT Management testing team and work to establish reliance approach with external auditors

  • Relationship Management for Outsourced service providers to help design Compliance program that aligns with Company objectives

  • Manage updates to test results in Archer and maintain control library within Archer GRC ensuring accuracy

  • Ensure the IT Compliance Analysts are trained and understand their responsibilities as it relates to SOX compliance

Qualifications and Experience

Candidate will be able to leverage past experiences and knowledge to provide advice on optimal solutions for implementation of effective IT controls to strengthen our processes, reduce risk and sustain compliance requirements. Maintains effective communication with team members and functional leadership in all activities required to plan, perform, monitor, and support the global IT compliance and SOX work.

  • 5 + years’ experience with IT controls and SOX compliance

  • Experience with managing a team

  • Shows effective project management skills, the ability to be a self-starter, and able to effectively manage workload

  • Advanced knowledge of IT controls and SOX regulations

  • Experience with testing and reviewing the testing of IT SOX controls

  • Familiarity with PCAOB requirements and evolving points of emphasis preferred

  • Experience with evaluating IT control deficiencies and the development of action plans to remediate control deficiencies, including guiding IT organizations on creating new controls to address design gaps

  • Understands business processes, particularly information technology related areas, and related master data

  • Has a working knowledge of SAP, preferably at a super user level

  • Has knowledge and experience with business processes to understand the business operations and can propose improvements or new alternatives that will assist BD locations in their efforts to implement the global business process in a controlled manner

  • Can work well within a complex team environment comprised of a virtual team members located across multiple regions

  • Ability to effectively partner with business functions as well as a 3rd party service provider team

  • Understands the value of process-oriented approaches as well as ability to establish and monitor key metrics

  • Experience in projects accountable for leading change is a definite plus

  • Preferably has experience with JDE and Archer GRC

  • Knowledge of Information Security Risk is preferred

  • Big 4 or equivalent experience preferred

Education

A bachelor’s degree in a subject related to one of the following functions: Information Technology, Management, Information Security, Finance, or related discipline. CISA, CISM, CRISC, CISSP or other relevant certification preferred.

Becton, Dickinson and Company is an Equal Opportunity/Affirmative Action Employer. We do not unlawfully discriminate on the basis of race, color, religion, age, sex, creed, national origin, ancestry, citizenship status, marital or domestic or civil union status, familial status, affectional or sexual orientation, gender identity or expression, genetics, disability, military eligibility or veteran status, or any other protected status.

Primary Work LocationUSA TX - San Antonio

Additional LocationsUSA NJ - Franklin Lakes

Work Shift

Becton, Dickinson and Company is an Equal Opportunity/Affirmative Action Employer. We do not unlawfully discriminate on the basis of race, color, religion, age, sex, creed, national origin, ancestry, citizenship status, marital or domestic or civil union status, familial status, affectional or sexual orientation, gender identity or expression, genetics, disability, military eligibility or veteran status, or any other protected status.

DirectEmployers