Senior IT Auditor, Global Audit and Risk Management

Who we are looking for:

Our Global Audit & Risk Management (GA&RM) team partners with management across the enterprise to enhance and protect Nike’s value and brand through world-class risk management capabilities, such as internal audit and risk advisory services. As a Senior IT Auditor on our team, you will leverage adept audit craft and project management experience to bring valuable insights across audit, advisory, and strategic risk projects.

This teammate will also use dynamic interpersonal skills to up level team operations through collaboration, innovation, and challenging the status quo! A successful candidate will thrive working in an environment where the pace of change is high and integrative thinking is required to “connect the dots” across the company.

What will you work on:

NIKE’s technology landscape is constantly evolving, but some audit areas of focus may include; cloud platforms, DevOps CI/CD processes, technical operations, site reliability engineering, digital experience development, product management, technology governance, portfolio management, data governance, data privacy, cybersecurity, enterprise system implementation reviews (e.g. SAP), enterprise architecture, business continuity management/disaster recovery, and assessing technology risk in other emerging applications/subject areas such as AI/ML, blockchain, and RPA.

Primary responsibilities for this role include but are not limited to:

• Executing core-assurance and risk-based audit projects across the enterprise

• Ability to deliver work in accordance with project plans and timelines that enforce professional standards and tie to strategic priorities and key business risks

• Understanding and documenting business processes and the internal control environment

• Delivering high quality documentation to support project work in compliance with standards 

• Working with stakeholders to develop recommendations to optimize risk, through root-cause analysis

• Developing high quality, value-add audit and advisory findings, opportunity statements, and recommendations 

• Delivering complex ideas or sensitive / difficult information in a manner that influences others to adopt a different point of view

• Communicating effectively with senior and executive-level audiences through development of high-quality reports and presentations

• Collaborating with a team of risk professionals to sense, evaluate, and embed risk management activities into the business operating rhythm

• Strong discernment demonstrated through the ability to quickly understand business opportunities and effectively recommend pragmatic solutions

Who you’ll be working with:

The Senior IT Auditor, GA&RM will report directly to the GA&RM Director responsible for IT and be part of a strong group of risk professional within a highly collaborative team. Your work will be highly visible to our NIKE, Inc. executive management and the Audit and Finance Committee of the Board of Directors!

What you bring:

• Typically requires a Bachelor's degree and 5 combined years of progressively responsible IT audit, Technology and or risk services including but not limited to; IT internal or external audit, technology, risk advisory services, or enterprise risk management or equivalent combination of demonstrated skills and experiences.

• Demonstrated experience with:

  • Fundamental information security concepts (C.I.A.).

  • Auditing general computing controls (ITGCs), including security/access, change control, systems development and technology operations, experience with SAP S4/HANA strongly preferred.

  • Business process mapping, risk and controls identification, design, and implementation

  • Operating system platforms, relational database platforms, cloud computing platforms, enterprise network and systems architecture concepts and technologies, and risk considerations for internet-facing digital experience and commerce applications.

  • Managed service risk and control concepts for cloud-based services (IaaS, PaaS, SaaS), hosted infrastructure, and outsourcing services.

  • Various system and application development methodologies (Agile, Waterfall); familiar with DevOps and continuous integration and continuous delivery approaches.

  • Information technology standard methodologies and control frameworks such as NIST CSF, ISO27001, and COBIT.

  • Identifying business and technology risks, understanding the internal control environment at a project-level, and working with clients to develop practical recommendations to mitigate those risks.

  • Connecting business objectives to testing through well-documented work papers

• Possess advanced knowledge and application of audit and risk craft

• Excellent verbal and written communication skills

• Proven ability to identify and assess business risks and controls, perform root cause analysis, and work with business partners to develop practical recommendations for optimizing risks

• Demonstrated project management experience

• Ability to travel up to 20% (domestic and international)

Preferred

• Professional risk certifications including CISA, CISSP, CISM, CIPP, and/or CSX

• Subject matter expertise in any of the following: Consumer Products, Brand and Sports Marketing, Retail and Wholesale Strategy and Operations, Supply Chain, Finance and Accounting, Human Resources, Fraud, Legal

• Demonstrated data analytics capabilities

• Understanding of Information Technology general controls and risk concepts

• General understanding/knowledge of Nike’s business and operating model

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.