Sr Analyst IT Internal Controls

Job Summary

This role is hybrid onsite 3 days per week. Onsite Tuesday, Wednesday, Thursday. This role will being its onsite needs at Medline's Northfield, IL location and be a part of the move to the Northbrook, IL location later this year.

We are seeking a highly motivated and experienced Senior IT Internal Controls Analyst to grow Medline’s IT Internal Controls program. This person will play a key role in ensuring our IT systems and processes comply with regulations and industry best practices. A successful candidate will have experience designing, documenting, testing, and remediating IT internal controls for large public companies.

Job Description

MAJOR RESPONSIBILITIES

• Support all aspects of IT compliance with internal control requirements, including designing, implementing, documenting, and testing IT controls and processes.
• Collaborate with IT, finance, and other cross-functional teams to identify and document key IT controls and processes that are subject to compliance.
• Create and maintain IT controls environment documentation (e.g., process flows, narratives, control matrices, role security matrices, etc.) by conducting walkthroughs, identifying relevant information, and documenting key details.
• Assess the impact of new business initiatives, system implementations, and IT policy changes on the IT internal controls environment.  Provide guidance and training to support compliance.
• Conduct regular assessments and audits of IT internal controls to ensure compliance with requirements and identify any potential compliance risks or issues.
• Identify control gaps, evaluate risk, and develop corrective action plans to address deficiencies, enabling sustainable control processes.
• Develop and implement IT compliance policies, procedures, and guidelines to ensure adherence to regulations and industry standards.
• Support the timely delivery of necessary documentation and evidence to internal and external auditors.
• Support the selection, configuration, and adoption of GRC tools to facilitate IT internal controls initiatives.
• Execute or facilitate the execution of IT internal controls activities, where applicable.
• Suggest efficiencies and continuous improvement opportunities related to the IT internal controls program.
• Provide training on IT internal controls, as needed.
• Collaborate with cross-functional teams to develop, implement, and remediate IT internal controls. 
• Monitor and report on control effectiveness and other program key performance indicators via metrics and dashboards. 
• Stay current on changes to the IT internal controls regulatory environment and their impact to Medline.

Work Experience

• Experience designing SAP controls
• Experience using AuditBoard SOXHUB module
• Experience configuring and deploying modern GRC tools
• Experience auditing or consulting for a Big 4 firm
• Advanced skills in Excel and data analytical tools.

MINIMUM JOB REQUIREMENTS

Education

Bachelor’s degree in Information Technology, Information Security, Computer Science, Business, Accounting, or related field.

Certification / Licensure

None required.

Work Experience

At least 3 years of experience in IT internal controls, external audit, internal audit, or a related role.

Knowledge / Skills / Abilities

• Experience designing, implementing, and/or testing IT general controls (i.e., SDLC, change management, access management, and interfaces/integrations).
• Familiarity with using modern GRC tools to effectively manage IT internal control execution and testing
• In-depth understanding of IT General Controls (i.e., Change Management, Access, IT Operations), SDLC, and application controls
• Knowledge of SOX audit scoping, testing, and sampling methodologies
• Experience developing and maintaining IT internal control documentation (e.g., risk control matrices, narratives, process flow diagrams, etc.)
• Familiarity with SOC 1 report reviews and documenting complementary user entity controls
• Knowledgeable on managing and mitigating segregation of duties violations
• Strong written and verbal skills, including a demonstrated ability to translate complex or technical information into concepts that are easily understood
• Strong analytical, problem solving, and critical thinking skills, including the ability to anticipate issues and to design appropriate solutions
• Detail and deadline oriented, with the ability to tackle multiple tasks and priorities simultaneously
• Proficient with Microsoft Office Suite (Word, Excel, PowerPoint, SharePoint, Visio)

PREFERRED JOB REQUIREMENTS

Certification / Licensure

CISA, CISSP, CIA, CPA, CRISC, or CISM

Medline Industries, LP, and its subsidiaries, offer a competitive total rewards package, continuing education & training, and tremendous potential with a growing worldwide organization.

The anticipated salary range for this position:

$96,200.00 - $144,560.00 Annual

The actual salary will vary based on applicant’s location, education, experience, skills, and abilities. This role is bonus and/or incentive eligible. Medline will not pay less than the applicable minimum wage or salary threshold.

Our benefit package includes health insurance, life and disability, 401(k) contributions, paid time off, etc., for employees working 30 or more hours per week on average. For a more comprehensive list of our benefits please click here. For roles where employees work less than 30 hours per week, benefits include 401(k) contributions as well as access to the Employee Assistance Program, Employee Resource Groups and the Employee Service Corp.

Every day, we’re focused on building a more diverse and inclusive company, one that recognizes, values and respects the differences we all bring to the workplace. From doing what’s right to delivering business results, together, we’re better. Explore our Diversity, Equity and Inclusion page here.

Medline Industries, LP is an equal opportunity employer. Medline evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status or any other legally protected characteristic.