Nexteer Automotive IT Internal Controls (2021) in Auburn Hills, Michigan
Monitor changes in business processes, information systems, management and operations, and coordinate with functional staff to ensure mitigation of control risks;
Build and maintain productive relationships with management, business units, internal and external audit and global business units;
Ensure internal control audits and other projects are completed in an efficient manner, and within established deadlines;
Maintain IT General Control testing templates to ensure they accurately reflect attributes that are tested, and they properly reference Nexteer IT Policies and Standards;
Perform Completeness and Accuracy Testing for Key Financial Reports code;
Identify and Consult Global Teams on remediation plan regarding to the Control Deficiencies;
Assist in the global coordination and monitoring of standardized internal controls, policies, and procedures;
Perform, coordinate and provide quality assurance over management self-testing of controls;
Develop and monitor standardized self-testing internal control of financial reporting scripts;
Assist and monitor the development and implementation of internal control improvements;
Support resolutions to anticipated and incurred problems and obstacles impeding the timely completion of audit work.
Leverage understanding of internal controls over financial reporting (ICOFR), execute audit work to ensure the effectiveness and efficiency of internal controls is adequate and sufficiently supported and documented, and departmental and professional standards are adequately upheld.
Ensure issues and exceptions are fully identified and properly defined, and recommendations are adequately formulated to address the root cause of identified issues in a cost/beneficial manner.
Ensure issues and recommendations are adequately and effectively communicated to management on a proactive basis during the course of each audit.
Develop audit reports, ensuring clarity, conciseness, and overall quality.
Conducts internal audits, including planning, collecting data, interviewing, observing, and process tracking, developing conclusions, and providing recommendations.
Specializes in conducting IT audits and reviews of systems, applications, and IT processes. These include but are not limited to:
Performing pre/post- implementation reviews of system implementations or enhancements.
IT security and operational audits (e.g., network, operating system and data center), including evaluating if security vulnerabilities are properly identified and mitigated.
Evaluating and testing compliance with general computing controls.
Performing various other reviews of IT management policies and procedures such as change management, business continuity planning / disaster recovery and information security to ensure that controls surrounding these processes are adequate.
Conducts investigations and assessments in compliance with applicable federal and state laws, rules, regulations, and guidelines, client and payer contracts, internal policies, procedures, and practices.
Reviews the effectiveness of monitoring and mitigation activities and recommends enhancements to improve effectiveness and efficiency and mitigate risk.
Acts as a resource for others with less experience for the purposes of sampling, investigative methods and root cause analysis, risk management, evidence and record standards, internal controls, and process design.
Provides recommendations regarding containment, corrective, and preventive actions to other departments.
Participates in identifying, verifying, documenting, and communicating risk.
Plans and implements solutions to monitor changes in risk.
Maintains documents and records according to the corporate record retention policies, best practices, and departmental standards.
Participates in the evaluation and improvement of sampling methods and composition, audit criteria and procedures, documentation, manuals, and records and assists in the tracking and reporting of departmental dashboard elements.
Bachelor's degree in information technology, accounting, business administration, finance, or a related field
Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified Fraud Examiner (CFE) or Certified Information Security Manager (CISM) designation is required or the ability to obtain one within 6 months of employment
2+ years of experience in IT Internal Controls and/or Internal Audit
2+ years of experience with (GRC) (such as LogicGate, ZenGRC, SecureEnds, ServiceNow)application implementation
Additional Skills & QualificationsIn this role, the candidate will be responsible for the following:
Identify, align and aggregate risk inputs from various sources within the organization
Cultivate relationships with other stakeholders (e.g., Internal Controls, Internal Audit, Cyber Security, IT Product Driven Organizations) and data element owners
Perform quantitative and qualitative analysis of risk data
Support and expand the implementation of the Component Assessment and Detailed Risk Assessment processes
Identify industry/enterprise trends and emerging risks to enhance the risk and control library
Equal Opportunity Employer Disabled/Minorities/Veterans/Women
VEVRAA Federal Contractor
Nexteer is an E-Verify employer. E-Verify is an internet based system operated by the Department of Homeland Security (DHS) in partnership with the Social Security Administration (SSA) that allows participating employees to electronically verify the employment eligibility of their newly hired employees in the United States.
Accessibility for Applicants with Disabilities: If you need a reasonable accommodation for the online application process due to a disability please call 1-989-757-5000. Please provide your contact information and details about the posted position of interest. Only inquiries regarding assistance for those who need an accommodation with the online application process due to a disability will be returned.