Lead IT Internal Auditor

About Dexcom

Founded in 1999, Dexcom, Inc. (NASDAQ: DXCM), develops and markets Continuous Glucose Monitoring (CGM) systems for ambulatory use by people with diabetes and by healthcare providers for the treatment of people with diabetes. The company is the leader in transforming diabetes care and management by providing CGM technology to help patients and healthcare professionals better manage diabetes. Since the company’s inception, Dexcom has focused on better outcomes for patients, caregivers, and clinicians by delivering solutions that are best in class - while empowering the community to take control of diabetes. Dexcom reported full-year 2022 revenues of $2.9B, a growth of 18% over 2021. Headquartered in San Diego, California, with additional offices in the Americas, Europe, and Asia Pacific, the company employs over 8,000 people worldwide.

Summary: 

Are you a person with a penchant for working in a collaborative environment?  We are invested in providing you the opportunity to build a career, be creative, and try new things with the support you need to be successful. This highly visible role will support the Sr. Global IT Audit Manager and interact with all levels across the organization to promote and support a culture of continuous process improvement and efficiency driving toward standardized practices.

In this position, you will be responsible for executing audits for Sarbanes-Oxley (SOX), and IT operational audits, and have an opportunity to work on data analytics and advanced audit techniques to assist the company in completing with statutory and regulatory requirements. The IT Lead Auditor will assist with project planning, execution, tracking and reporting adherence to regulatory compliance across the organization.

  
About the Role: 

• You will assist and lead the implementation and management of the IT Audit program and other audit program strategies as needed. Liaise with both internal process control owners and external auditors as the main point of communication from IT and for Dexcom integrated financial statement audits.
• You will work closely with internal audit teams on integrated risk assessments, scoping, and testing programs in accordance with COSO and COBIT frameworks. You will assist in providing regular controls compliance metrics reporting and tracking.
• You will understand and apply risk and control objective concepts to assess control design and develop a test approach for the key controls. You will examine internal IT controls, evaluate, and conclude results on time on the design and operational effectiveness of controls with minimal review notes; determine risk exposure, and provide value-added recommendations.
• You will ensure the completion of high-quality integrated test documentation, which demonstrates your understanding of IT processes, key reports reliance, identified risks, and design of controls (including Management Review Control requirements) and how to test the operation effectiveness.
• You will document and report the remediation of control design deficiencies to policy and compliance guidelines and provide suggestions to management on ways to mitigate risk and/or enhance the effectiveness. Additionally, you will be responsible for validating the resolution and implementation of corrective action plans. Communicating complex technical issues in simplified terms to the relevant IT And non-IT Business System owners.
• You will review work performed by other team members where applicable and guide to ensure conclusions are properly supported and work product meets guidelines.
• You will leverage data-driven approaches to analyze business processes, including business reliance on technologies, to assess controls/risks and design audit procedures. You will work on complex transactions/issues where analysis of situation or data requires an in-depth evaluation, or you may guide staff auditors. Experience with data analytics audit a plus.
• You will keep abreast of regulatory and IT compliance developments within or outside of the company as well as evolving best practices in compliance control.  Actively improve technical and project management skills through on-the-job feedback, performance evaluations, mentoring, including maintaining your CPE, and develop as a subject matter professional in audit domains or areas.
• You will perform other duties, special projects, and/or various internal audits, over a broad range of IT controls, to adequately meet the audit/project objectives, changing business conditions and/or requirements, identify opportunities for process improvements, and effectively.

About You: 

• You are a seasoned professional with at least a Bachelor’s degree in Computer Information Systems, IT, or related. Programming knowledge is a plus. You bring 6-10 years minimum relevant hands-on IT audit experience, including IT SOX compliance, IT application and operating system audit experience, including at least 5 years from a public accounting firm (Big4 a plus). 
• You have familiarity with a broad range of IT and Information Security products and technologies such as identity and access management, logging and monitoring and application security. You have hands-on knowledge and experience in testing some or all the following Oracle EBS, Oracle Fusion, Oracle Warehouse Management System, Hyperion and FCCS, data warehouses, ETL processes, OIC and integration and logging tools. 
• You demonstrate proven organizational, time-management, analytical, and communication skills and an ability to work both in teams and independently to effectively execute projects. You have a strong attention to detail and documentation. You can respond to the company's changing needs and balance the competing priorities while maintaining project progress.
• You are in possession of or working towards a professional certification as a Certified Information Systems Auditor (CISA), CISM, CIA, and/or CISSP certification. You continue to develop new skills and stay abreast of applicable laws, the latest regulatory/SEC/audit requirements, and IT compliance developments within or outside of the company as well as evolving best practices in compliance control. 
• You have a strong understanding of SOX 404 IT auditing standards and practical hands-on experience evaluating risk and executing internal audit programs.
• You have a strong understanding and demonstrated experience in implementing compliance frameworks such as COSO, COBIT, ISO, PCAOB, NIST, and other IT auditing standards. Working knowledge of the NIST Cybersecurity Framework and cloud infrastructure risk management is a plus.
• You have demonstrated experience in testing SOX 404 IT General Controls (ITGC), IT Application and IT Configuration Controls of ERP systems and integrations, key reports, may have some experience with analysis and data analytics, and project leadership with a large manufacturing company.
• You have experience in auditing new system implementations (SDLC) for SOX control requirements a plus; and can provide guidance and recommendations for improvements to meet trending compliance requirements.
• You have some hands-on experience with data visualization and data manipulation using tools such as phython, azure, SQL, Python, Tableau, Power BI.
• You have a flexible schedule to work with our global audit team and international Finance, Functional, and IT teams. Willing and able to travel up to 25% of the time.

Sounds like you? Apply! 

To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Dexcom. Only authorized staffing and recruiting agencies may use this site or to submit profiles, applications or resumes on specific requisitions. Dexcom does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to the Talent Acquisition team, Dexcom employees or any other company location. Dexcom is not responsible for any fees related to unsolicited resumes/applications.