Senior Technology Auditor (1 of 3)

Role Summary

Senior Technology Auditor for Johnson & Johnson Global Audit & Assurance (GAA). Conducts risk-based reviews of information resources and internal controls across the Johnson & Johnson Family of Companies, focusing on technology and information security areas, to evaluate adequacy of controls and provide improvement recommendations. Preferred location: New Brunswick, NJ.

Responsibilities

• Perform audits with limited supervision from IT Audit Managers and Leads
• Often lead a team of auditors during audit engagements, providing guidance, delegation, and feedback
• Participate and support execution of assigned audit engagements including Technology Risk Based Reviews (e.g., cybersecurity, third party risk management), Pre-Implementation Reviews, and SOX 404 ITGC testing
• Assist with audit planning, testing procedures, documentation for reviewed areas, drafting recommendations, and presenting findings to management
• Independently assess the design and operating effectiveness of internal controls over financial reporting
• Coordinate and manage interactions with multi-functional and cross-geographical teams
• Coordinate and perform ongoing control testing consistent with the J&J SOX 404 program
• Capture and analyze information to identify key risks and controls
• Test and evaluate controls for efficiency, reliability, and regulatory compliance
• Recommend control improvements and communicate findings to management
• Document audit work using automated audit management tools
• Follow-up on remediation status; promote internal control standard methodologies across the enterprise
• Leverage digital tools to execute audits and provide insights

Qualifications

• Bachelor’s degree required
• At least 2 years of experience in IT, compliance, internal audits, risk management, cybersecurity, or process improvement
• Prior engagement in SOX compliance projects (documentation, testing, reporting)
• Knowledge of IT systems, networks, databases, and security protocols
• Understanding of IT and information security management frameworks
• Experience identifying, analyzing, prioritizing risks, and recommending controls
• Strong verbal and written communication skills for presenting findings
• Proactive in personal development through trainings or certifications
• Team-oriented with ability to collaborate cross-functionally
• Willing to travel domestically and internationally up to 40%

Preferred Qualifications

• Certifications such as CISSP, CISA, CRISC, or CIA
• Experience in internal audit within a large corporation or major accounting firm
• Experience with pre-Implementation projects, third-party reviews, and Finance/Operations integrated audits
• Ability to independently evaluate new technologies and complex systems
• Understanding of finance/operations processes and how IT controls support business objectives
• Strong analytical skills; experience with data analytics tools (e.g., Alteryx, Tableau, Power BI)
• Experience with Cybersecurity Risk & Controls and SAP HANA is a plus