Use Your Power for Purpose
As a Manager Corporate Audit at Pfizer, you will play a crucial role in ensuring the integrity and reliability of our digital systems, directly impacting our ability to improve patients' lives. You will contribute to the safeguarding of our financial and operational data, enabling us to continue our mission of delivering breakthroughs that change patients' lives.
What You Will Achieve
Conduct independent evaluations of Pfizer’s Information Systems and compliance control processes worldwide to ensure Pfizer’s risks are properly managed.
In this role, you will
Lead and execute IT audits, including planning, fieldwork, and reporting.
Assess the effectiveness of IT controls and identify areas for improvement.
Provide guidance and/or lead/co-lead moderately complex projects, managing time and resources effectively.
Prepare formal written reports setting forth recommendations to strengthen and improve operations, as well as identify cost of efficiency savings.
Apply skills and discipline knowledge to contribute to work within the Department.
Make decisions to resolve moderately complex problems and develop new options.
Operate independently in ambiguous situations, guided by policies in non-standard situations.
Work independently, receiving instruction on unusual or complex problems, and determine objectives of assignments.
Generally, review your own work and seek directional review from others.
Review the work of other colleagues in a mentor role.
Exercise judgment utilizing knowledge and experience, potentially becoming a resource for others.
Here Is What You Need (Minimum Requirements)
Relevant years of experience: 5-10 years
Education: MA/MS/MBA preferred
Discipline(s): Information Systems Auditing required, SAP Experience preferred Certification(s): Certified Information Systems Auditor (CISA), Certified Public Accountant (CPA), Certified Internal Auditor (CIA) or Chartered Accountant (CA) preferred. Other Training: Foreign language skills preferred.
Type of industry/organizations: Public accounting and/or internal auditing required; multi-national pharmaceutical experience a plus; international experience a plus; large corporation experience preferred but not required.
Strong understanding of IT audit methodologies and standards.
Proficiency in using audit management software.
Experience with IT general controls and application controls.
Knowledge of regulatory requirements and industry standards (e.g., SOX, COBIT, NIST).
Ability to analyze complex data and provide actionable insights.
Excellent written and verbal communication skills.
Proven project management skills.
Ability to work collaboratively with cross-functional teams.
Candidates should also have solid audit skills in all areas below:
Planning and project management while meeting multiple deadlines.
Developing audit test strategies for complex IT solutions.
Collecting and analyzing complex data, evaluating information, and drawing logical conclusions.
Conducting reviews of all products of audit work performed by staff (work papers, testing and sampling plans, status reports, draft issues, etc.).
Effective verbal and written communications, including active listening and presenting findings and recommendations in a clear and concise manner, and resolving issues that may arise in a professional manner
Establishing and maintaining good working relationships with co-workers, staff and external contacts, and working effectively in a professional team environment in a matrixed organization.
Candidates should have solid technical skills in one or, preferably, several technical areas below:
GxP regulations, guidelines, and industry standards as they apply to computer systems used within the Life Sciences and Pharmaceutical industry, including FDA regulations 21 CFR Part 11 electronic records/electronic signatures and EU Annex 11.
Review and evaluate IT and Process controls in compliance with the Sarbanes-Oxley Act of 2002.
Strong knowledge in SAP, SAP Security and best practices solutions for SAP upgrades and implementations. SAP security knowledge should include but is not limited to SAP Authorization Concepts, Roles, Users Administration, SOD conflict resolution, SAP Access Controls, & SAP GRC Suite.
Knowledge of Quality Assurance and Quality Management principles, including an understanding of computer system validation practices as they apply to the Life Sciences and Pharmaceutical industry.
Information Systems Audit and Control Association (ISACA) IT Standards, Guidelines and Procedures for Auditing and Control and Code of Professional Ethics.
Control Objective for IT (COBIT) standards or equivalent.
IT security and control practices for relevant platforms and systems such as Mainframe, AS/400, Distributed (Unix, Windows) environments, Web-based technology, and LAN/WANs.
Bonus Points If You Have (Preferred Requirements):
· Certified Information Systems Auditor (CISA) or similar certification.
· Experience in the pharmaceutical or healthcare industry.
· Familiarity with data analytics tools and techniques.
· Knowledge of cybersecurity principles and practices.
· Experience with cloud computing environments.
· Understanding of emerging technologies and their impact on IT controls.
· Strong problem-solving skills.
· Ability to adapt to changing priorities and manage multiple tasks.
· Excellent interpersonal and leadership skills.
Work Location Assignment: Hybrid
Pfizer is an equal opportunity employer and complies with all applicable equal employment opportunity legislation in each jurisdiction in which it operates.
Finance & Accounting