IT Compliance and Audit Manager
Location: Remote with requirement to travel for business needs
Role Purpose:
The IT Compliance and Audit Manager is responsible for ensuring the integrity and effectiveness of Hain Celestial's IT compliance and audit processes across all entities. This role oversees IT compliance activities, internal and external IT audits, user access reviews, and audit procedures for IT projects. The Manager will work closely with Internal Audit, Senior IT Management, and IT Owners to mitigate risks, manage controls, and ensure adherence to compliance standards.
Essential Duties and Responsibilities:
IT Compliance:
- Identify areas of IT risk that need to be managed by IT compliance activities.
- Define the scope, frequency, and operation of IT compliance activities.
- Develop, maintain, and communicate IT compliance activities to relevant control performers.
- Monitor and motivate the timely completion of IT compliance activities.
Internal IT Audit:
- Coordinate annually with Internal Audit to understand materiality of Hain entities for IT audit scope.
- Perform an annual review of business applications used by Hain entities to determine which are in scope for SOX audit.
- Review and update the Global IT Risk Control Matrix annually.
- Develop a comprehensive schedule for periodic IT audit testing activities to validate the effectiveness of IT compliance control activities.
- Review IT control inventory and design with Internal Audit and Senior IT Management annually.
- Document IT audit testing procedures for all entities and applications.
- Conduct regular sampling and testing of IT control timeliness and effectiveness, documenting the results.
- Document and communicate IT control deficiencies to Internal Audit and IT Management, and collaborate on remediation.
User Access Review (UAR) and Privileged User Access Review (PrivUAR):
- Collaborate with Internal Audit and Senior IT Management to determine the scope for UAR and PrivUAR activities.
- Maintain documentation describing standards and practices for semi-annual UAR and PrivUAR activities.
- Schedule, plan, and lead semi-annual UAR and PrivUAR activities in collaboration with relevant IT Owners and Administrators.
Facilitate the External IT Audit:
- Plan IT audit activities with the External IT Audit Team selected by Corporate Internal Audit.
- Schedule and facilitate walkthrough meetings for all entities, systems, and applications in scope for the IT audit.
- Facilitate IT audit evidence gathering across all IT Owners and Control Performers.
- Coordinate with IT Owners to resolve any audit questions about audit evidence, control design, control performance, or deficiencies.
- Provide regular audit status updates to Senior IT Management, Corporate Internal Audit, and IT Owners.
- Provide relevant evidence of Internal IT Audit review and testing procedures to External Audit to support reliance procedures.
Compliance and Audit Procedures for IT Projects/Updates:
- Consult with project managers and IT Owners to develop/apply relevant compliance and audit procedures for IT update projects.
- Determine when SDLC procedures are applicable and ensure that appropriate activities are conducted and required evidence is gathered.
- Assess and adapt IT compliance, internal audit, and UAR procedures to include coverage for significant IT application and systems changes.
Education and/or Experience:
Required:
- Bachelor’s degree in Information Technology, Computer Science, or a related field.
- Minimum of 7 years of experience in IT compliance, IT audit, or related fields.
- Experience with SOX compliance and IT General Controls (ITGC).
Preferred:
- Master’s degree in Information Technology or a related field.
- CISA Certification – Certified Information Systems Auditor
- ITIL v4 Foundation Certification or higher - Certification and Experience with ITIL v4 to drive IT Process Design and Enhancement
Competencies and Proficiency Requirements:
- Strong understanding of IT compliance, audit methodologies, and risk management.
- Proficient in IT General Controls (ITGC) and IT Application Controls (ITAC).
- Excellent project management and organizational skills.
- Strong communication and stakeholder engagement abilities.
- Ability to work in a fast-paced, global environment and influence change across diverse teams.
Scope:
Financial/Budgetary Responsibility: None
Team Size: None
Conditions of Role:
- Travel Requirements: Occasional travel may be required for meetings or conferences.
- Physical Conditions: Remote.
- Work Environment: Predominantly remote, with some flexibility for office presence when needed.
Compensation and Benefits:
- $105,000 - $129,000 / year (commensurate with experience and location)
- Medical, Prescription, Dental, Vision Coverage
- Flexible spending accounts
- Disability coverage
- Life insurance
- Critical illness and accident insurance
- Legal and identity protection insurance
- Pet insurance
- Employee assistance program
- Commuter benefits
- Tuition assistance
- Adoption assistance
- 401(k)
- PTO
- Parental Leave
Hain Celestial is an equal employment opportunity/affirmative action employer. The Company does not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, expression, genetic information, protected veteran status or any other characteristics protected by applicable federal, state, or local law.
If you need accommodations for any part of the employment process because of a disability, please send an e-mail to talent@hain.com or call 516-587-5000 to let us know the nature of your request. EEO/AA/M/F/Veteran/Disabled