IT Audit Manager

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

CURRENT NEED

We are currently looking for an IT Audit Manager for our Irving, TX office. Candidates are expected to be located in the area and work in a hybrid environment. This individual will lead and perform assessments around Information Technology systems, processes and controls. This individual will contribute to all phases of the audit process, including planning, scoping, fieldwork, reporting, and wrap-up. This includes deliverables such as risk control matrices, stakeholder interviews, execution and modification of audit test plans, documentation of processes, workpaper review, and draft audit reports.

Primary Responsibilities:

Lead and execute IT audits, including identifying and defining risks, controls, and value-added testing strategies for each area under review.

Provide audit project oversight and leadership, including managing project cadence to meet milestones, keeping IA leadership updated on audit progress on a regular basis, and reviewing workpapers to ensure they are clear, complete, and well-organized.

Develop and maintain relationships between Internal Audit and key business partners and executives in the development and execution of audits.

Provide developmental coaching and mentoring to peers and audit staff

Supporting Responsibilities:

Leading and participating in meetings with auditees and key stakeholders to review key processes and gaps as well as control design elements, support, and conclusions.

Developing audit plans and understanding specific risks and challenges to be evaluated, employing critical thinking and appropriate testing methodologies throughout.

Exercise professional judgment and propose value added solutions in all aspects of engagement execution.

Ensuring audit observations and associated root causes are understood, well defined, and presented to audit and auditee management for accuracy and completeness.

Communicate IT audit observations and working with auditee management to develop action plans to remediate findings and track corrective actions through to completion.

Develop formal written reports to communicate audit results to management and make recommendations as appropriate.

Lead post engagement issue follow up and resolution.

Support other department initiatives and deliverables as needed.

Minimum Requirements

5+ years of relevant experience in related fields, including IT audit, Governance Risk and Compliance, IT compliance, IT project management, information security, cybersecurity, software development or technology.

Critical Skills

Comprehensive technical understanding and knowledge of internal audit processes

Strong leadership and project management skills and/or experience in leading audit projects and teams

Prior experience writing audit programs and reports and building process flows.

Working knowledge of IT general controls; logical access to programs and data, backup and recovery, change management, system development lifecycle, physical security.

Strong understanding of information security best practices and IT control frameworks such as COBIT, NIST, or ISO27000.

Demonstrated grasp of workpaper elements and documentation standards.

Excellent listening, verbal, and written communication skills including the ability to present to senior management.

Proven track record of relationship development and management with business unit leadership.

Problem solving skills that demonstrate logical and analytical thought processes.

Proficiency with Microsoft Office Suite including Word, Excel, PowerPoint, and Outlook.

Desirable Skills & Knowledge

IT Service Management or ITIL disciplines

ERP applications, including JD Edwards, SAP, PeopleSoft, and Hyperion

Windows, Unix and OS/400 based operating systems

Windows-based networks (in particular, Active Directory)

Cloud based security (Azure, Google Cloud, AWS)

TCP/IP networking protocol and TCP/IP-based networks

Laws and regulations relevant to IT and data security

Data visualization tools such as PowerBi or Tableau

Databases, firewalls, authentication systems, operational technology and cryptography

Education

Undergraduate degree in business, accounting, IT, internal audit or related field with focus on information systems or equivalent work experience.

Certification/Licensure

Professional certification is required – CISA, CISSP, CRISC, CISM, CIA, or CPA

Project Management Professional (PMP) certification desirable

Benefits & Company Statement 

We believe you should be rewarded for the important work you do. For that reason, you'll receive a competitive compensation and benefits package when you join our team.

It starts with you. That's a simple sentence but it says a lot. It reminds each one of us that what we do matters. Every single McKesson employee contributes to our mission - whatever your title, whatever your role, you act as a catalyst in a chain of events that helps millions of people all over the globe. By connecting and improving the business of healthcare, we're helping to ensure that millions of patients get the treatment they need. And by choosing a career with McKesson, you'll join a team of passionate people working together to improve lives and advance healthcare.

At McKesson, we believe we can empower healthcare. And it all starts with you.

Qualified applicants will not be disqualified from consideration for employment based upon criminal history.

McKesson is an equal opportunity and affirmative action employer - minorities/females/veterans/persons with disabilities.

Agency Statement - No agencies please.

#L1-KR1

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.

Our Base Pay Range for this position

McKesson is an Equal Opportunity Employer

McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson’s full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

Join us at McKesson!