"Alerted.org

General Description:

BeiGene is seeking an experienced Senior IT Audit Manager to join our growing internal audit (IA) function, who will be responsible for IA assurance activities from a business, technology, and security perspective across the organization. This person will support the achievement of the Company’s business objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of the company’s risk management, control, and governance processes related to technology areas. This position will liaise across business groups, including but not limited to IT, Finance, Legal, Compliance, external auditors, and other stakeholders to execute the Internal Audit Plan and SOX 404 assurance work.

Essential Functions of the job:

Strategic Business Partnership and Risk Assessment

Support Associate Director IT Audit to

+ Develop and maintain strategic partnerships to improve risk management and control processes.

+ Engage in the risk assessment process by identifying and evaluating technology-related risks that could affect the achievement of business objectives, ensuring alignment with company goals.

+ Implement and maintain risk management strategies for Internal Audit, monitor and report on risk status, ensure compliance with regulations, and collaborate with internal control teams to maintain a robust IT environment

Audit Leadership

+ Lead complex and/or global financial, compliance, and operational audits and advisory initiatives to assess process and control effectiveness, encompassing all audit cycle phases: planning, execution, issue escalation, documentation, reporting, and remediation follow-up.

+ Develop risk-based, tailored audit programs across a wide variety of IT risks, including but not limited to areas such as Cybersecurity, System Implementations, Data Privacy, Active Directory, etc.

+ Conduct on-site fieldwork to assess the Company’s information system and security related processes and controls. Ensure all audit program steps are completed, transactions are thoroughly evaluated, and work papers are properly documented for audit conclusions.

+ Craft accurate, concise and compelling audit and advisory reports, and support or deliver presentations of findings and recommendations to internal and external management, including senior leadership **.**

+ Coordinate with external auditor and management in leading the annual planning of Sarbanes-Oxley (SOX) 404/C-SOX compliance requirements.

+ Collaborate with co-source and external auditors to support global Sarbanes-Oxley 404 compliance by assessing and testing ITGC and ITAC internal controls, ensuring adequate test work, documentation, and audit quality to drive more reliance.

+ Coordinate and collaborate with business leaders, external auditors, and other control and monitoring disciplines (i.e., IT, Compliance and Legal) to facilitate audits and ensure effective and efficient coverage of Company-wide risks.

Project Management

+ Allocate resources for internal audits and manage third-party work to ensure timely and high-quality completion.

+ Monitor audit projects proactively, addressing issues promptly to ensure smooth progress.

+ Ensure all audit activities comply with internal audit standards and methodologies, maintaining rigor and professionalism.

Additional Assignments

+ Support any additional assignments or special projects as required including but not limited to Quality Assurance and Improvement Program (QAIP), External/Internal Quality Assessment to enhance the effectiveness and efficiency of the Internal Audit function.

+ Stay updated on industry trends and best practices in internal auditing and relevant subject matter expertise areas.

Supervisory** **Team Development

+ Provide coaching and mentoring to team members on audit projects, ensuring they develop the necessary skills and knowledge to excel in their roles.

+ Cultivate a collaborative and supportive team environment, promoting open communication, mutual respect, and a shared commitment to achieving audit objectives.

+ Identify the developmental needs of team members and facilitate targeted training opportunities, foster continuous professional growth and enhance overall team performance.

Computer Skills:

+ Strong Microsoft Office skills (particularly Excel and PowerPoint)

+ Knowledge of various operating systems like Windows, Linux, and Unix.

+ Understanding of database management systems such as SQL, Oracle, and NoSQL databases.

+ Familiarity with network infrastructure, protocols, and security measures.

+ Proficiency in audit software tools like AuditBoard, ACL, Tableau, PowerBI and other data analytics tool

+ Skilled users of SAP and Generative AI

Other Qualifications:

+ 7-12 years of progressive experience in performing and independently leading complex information technology and cybersecurity audits. (Big Four Experience Preferred)

+ Expert knowledge across all IT domains including cloud security, DevOps, secure software development, application security, databases, and operating systems,

+ Expert knowledge of authentication, authorization, and credential management

+ Strong SOX/C-SOX ITGC and application control testing audit experience, and proficient in COSO, NIST CFS, ISO27001 etc. Standards.

+ Strong verbal and written communication skills

+ Professional Certification, (e.g. CISA, CRISC, CISSP, IAPP, CISM,) required; CIA preferred.

+ Pharmaceutical industry experience and knowledge preferred

Education Required:

+ Bachelor’s degree in computer science, Management Information Systems, Cybersecurity, or related field of study from an accredited university

Travel/Other Requirements:

+ 10%, as required

Availability to meet during flexible hours on zoom/conference calls with colleagues in different U.S. time zones, Europe, and China.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.