Accountable for performing and documenting multiple Internal Audit assignment reviews of information systems, as well as financial and operational controls. Provides management an assessment on the adequacy of computerized financial and operating policies, procedures and controls to determine compliance with Corporate policies and good business practices. Reviews continuous auditing exceptions and follows up as needed. May make recommendations for improvements in the areas of control, efficiency, and cost savings subject to review by audit management. Will perform audits on cloud, network security, and infrastructure controls. Will use ACL Analytics or other analytic software skills to develop and support custom analytics. Responsible for working collaboratively with the audit team during audit projects.
Performs information systems audits by reviewing and analyzing less complex system technical configurations (e.g., password files and similar), Company records, procedures, and documentation related to computerized accounting, financial, and operational systems. Audits may involve departments with or without written policies and procedures. Seeks advice from supervisor and assists in determining whether computerized systems of financial and operating controls are functioning properly and are in compliance with good business practices and if established policies and procedures are adequate. Under supervision, assists external auditors on interim and annual basis to ensure records are complete and accurate as well as internal controls are adequate and in compliance with financial reporting requirements.
Works closely with key stakeholders to understand processes. Under minimal supervision, utilizes ACL and/or programming languages (e.g., Python, SQL or similar) skills in computer assisted audit techniques to audit large datasets identifying exceptions, irregularities, or trends.
Develops specific audit program steps, audit work plan, and specific audit tests for departments or areas with no prior audit lead files, workpapers, audit programs, history files, or policies and procedures. Provides suggestions for areas to be included in the Internal Audit Departments annual audit plan. Works with supervisor to prepare concise reports on examinations and findings which detail areas examined, areas needing improvement and measures required for corrective action. Drafts reports and memos for review by management and sends drafts to operation management for review and comments.
Uses company systems such as ACLGRC, Peoplesoft, and JDE to monitor continuous auditing exceptions. Research common or recurring issues and recommends potential resolutions. Assists in developing reports to the business.
Skills & Experience
Experience: 2-5 years of auditing, information systems auditing and/or information systems experience. Experience with systems administration, information security, data science and/or development in addition to some finance/business/audit will be considered. Experience in public accounting is desirable. Background and experience in international business is preferred.
Education: Bachelor’s degree or equivalent in Computer Science, Information Technology, Management Information Systems, Accounting or Business Administration with emphasis in systems required. A Master’s degree is preferred.
Must have working knowledge of the Control Objectives for Information and Related Technology framework (COBIT), Information Technology Infrastructure Library (ITIL), the Committee of Sponsoring Organizations (COSO) of the Treadway Commission’s framework, Generally Accepted Accounting Principles (GAAP), and Generally Accepted Auditing Standards (GAAS).
Intermediate understanding of Microsoft Suite including Excel, PowerPoint, Outlook and Word. Experience in ACL or other similar computer assisted auditing technique software packages skills and ability to work with supervisor to implement strategies to analyze large data sets and identify exceptions, irregularities, or trends.
Ability to demonstrate an understanding of Company systems, how transactions are processed and a basic technical understanding of how multiple systems interface/interact. Documents this understanding using technical system flow charts.
Must have an awareness of good security and privacy practices in end user computing, networking, and software development. Some knowledge of Payment Card Industry Data Security Standards (PCI DSS) and other industry standards is beneficial. Experience with global data privacy process and controls is strongly preferred.
A basic understanding of cloud computing services and deployment architectures. Additionally, experience performing security assessments and audits within cloud environments (AWS, GCP, MS Azure, Oracle) is strongly preferred.
Requires knowledge of Microsoft Windows Server 2008 or newer based client server application architectures utilizing Microsoft SQL Server 2008 and newer as well as Oracle database management systems. Also working knowledge of Sun Solaris and Redhat Unix/Linux based systems. Sharepoint and .NET is beneficial.
Must have basic working or academic experience with a modern object-oriented programming language (such as Python) and/or SQL or similar programming language which can be used to perform data analysis.
Must be able to work with supervisor to prioritize tasks and shift between priorities while work on multiple internal audits.
Must have an ability to perform information systems audit tests, to identify areas for improvement or non-compliance of policies and procedures and recommend corrective measures. Analytical abilities are required to evaluate systems, procedures and controls, and recommend innovative and effective corrective measures to evaluate the overall impact of issues.
Ability to perform audits of computerized systems including knowledge of programming and systems design lifecycle frameworks such as (Waterfall and Agile.) Must be able to analyze design of computerized systems including flowcharting, programming, and definition of functional requirements in order to conduct pre-installation reviews of internally developed or purchased computerized systems.
Experience auditing, administering or implementing PeopleSoft Financials/HR and/or JDE 9.1 is desirable.
Must have written and oral communication skills to effectively secure information from IST, domestic and international management and other departments during audits of computerized systems. Must be able to organize and succinctly explain deficiencies, risks, and recommendations to senior management in understandable and non-technical language.
Must be willing and able to travel and examine international subsidiaries where new or revised computer information systems have been installed. Must be able to assist in audits of international subsidiaries including both operational and financial reviews. Travel generally should not exceed 10% although individual trips may be of several weeks' duration
Must have good communication, time management, and strong interpersonal skills to effectively secure information from various departments to perform audits and present findings to management.
Foreign language proficiency in Mandarin, Russian, Spanish, or Portuguese preferred.
About Mary Kay Corporate
Looking for a career where you can make a difference?
At Mary Kay we are committed to enriching the lives of women and their families around the world, we offer careers with unlimited opportunities to do something beautiful every day. More than 5,000 employees work in locations around the world. They provide the products, marketing and other support to millions of Independent Beauty Consultants (IBCs) who work as independent contractors, selling our products directly to consumers in nearly 40 markets on five continents.
We are a company that believes in our people and cares for them with truly exceptional benefits. We offer:
A comprehensive health plan which includes medical, dental, and vision with low premiums
A generous profit-sharing program
Free access to on-site fitness center and on-site clinic