Sr Auditor

About us:

As a Fortune 50 company with more than 400,000 team members worldwide, Target is an iconic brand and one of America's leading retailers. At Target, we have a timeless purpose and a proven strategy and that hasn’t happened by accident. Some of the best minds from diverse backgrounds come together at Target to redefine retail in an inclusive learning environment that values people and delivers world-class outcomes. That winning formula is especially apparent in Bengaluru, where Target in India operates as a fully integrated part of Target’s global team and has more than 4,000 team members supporting the company’s global strategy and operations.

Joining Target means promoting a culture of mutual care and respect and striving to make the most meaningful and positive impact. Becoming a Target team member means joining a community that values diverse backgrounds. We believe your unique perspective is important, and you'll build relationships by being authentic and respectful. At Target, inclusion is part of the core value. We aim to create equitable experiences for all, regardless of their dimensions of difference. As an equal opportunity employer, Target provides diverse opportunities for everyone to grow and win.

Internal Audit provides independent assurance and risk insights to and collaborates with business owners across the enterprise. You’ll use professional judgment, analytics, agile concepts and other innovations daily. You’ll understand, assess the effectiveness of and help improve risk management capabilities (e.g., processes and controls) for Target’s strategic, business and compliance objectives. 

Roles & Responsibilities:

As a Senior Auditor, you will be a part of the Internal Audit team and responsible for: 

• Demonstrating a strong acumen for risks & controls in Information Technology & Security
• Performing testing and reporting on internal controls in compliance with Sarbanes-Oxley Act (SOX) and Internal Controls over Financial Reporting (ICoFR).

• Performing design and operating effectiveness testing for assigned IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery.
• Performing Design & Operating effectiveness testing for assigned IT Application Controls, IPE, and Interface Controls through code review for various standard and off-the-shelf applications (ITAC) while adhering to Internal Audit & PCAOB standards.
• Participating in IT & Business process walkthroughs in collaboration with the control owners, 2nd line teams & Target’s external auditors, documenting the process narratives & developing detailed test procedures.
• Demonstrating a good understanding of Networking concepts, Cloud Security, Operating System Hardening, Software Development Lifecycle (SDLC), Access, Change & Configuration management controls. 
• Performing internal audits related to IT Infrastructure & Information Security in adherence to the Internal Audit Policies & Procedures.
• Testing configuration of standard applications (Like SAP, Oracle, etc.) and non-SAP application, reviewing variations, Interface Controls testing, building sample scenarios, source code reviews and key reports testing.
• Ensuring all work papers meet the documentation & quality requirements throughout the lifecycle of an engagement (Planning, Fieldwork, Reporting & Wrap – Up) 
• Communicating any findings noted during the testing and working with the internal audit business auditors, 2nd line team, control owners & external auditors to assess the impact of the findings.
• Maintaining high quality standards while delivering and executing the internal audit engagement within stated timelines
• Participating in quality assessment activities for audits performed by other Internal Audit Team Members 
• Developing a strong understanding of Target’s risk management framework, information security policies & control procedures and ensuring control objectives are met during your testing. Direct audits to assess controls, operational and technical efficiencies, and compliance with policies, procedures and regulations
• Managing relationships with key internal & external stakeholders to manage expectations of the engagement, including work products, project timelines & deliverables.
• Contribute to the optimization of controls testing processes for enhancing efficiency and transparency.
• Identifying opportunities for use of Data Analytics & Automation to enhance Internal Audit’s ability to perform efficient testing/audit.
• Demonstrating a high level of engagement at work by closely interacting with HQ Internal Audit Team, participation in Internal Audit trainings, team building & community relations activities.
• Being independent, innovative & proactive in taking steps for your personal development by willingly taking on stretch assignments, cross-functional engagements & acquiring new skills.

Job duties may change at any time due to business needs.

About You.

• 3 or 4 year college degree in the field of software engineering, accounting, information technology & computer science or related field preferred.
• 6-8 years of internal or external audit experience focused on SOX 302/404 audit & compliance.
• Experience in SAP IT Controls audit, SAP security baseline & best practices in SAP Security is preferred.
• Knowledge of key IT regulations, standards and benchmarks used by the IT industry (e.g. SOX, COBIT, SSAE18/ISAE 3402 etc.)
• Ability to develop and review scripts/codes in python, SQL, Java, etc. 
• Working Knowledge of auditing ITGC & ITAC
• Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self- assurance, and professionalism.
• Knowledge of security measures and auditing practices within various applications, operating systems, and databases
• Exposure to Risk Management and Governance Frameworks/ Systems & ERP systems

Preferences: 

• CISA, CISSP, CISM, ITIL, CIA, CCNA, CCSK, ISO27001 Lead Auditor 
• Big 4, retail experience is a plus.