As a Senior IT Internal Auditor you are responsible for owning and executing risk-based IT and cybersecurity audits in accordance with Internal Audit methodology, including planning, scoping, testing, and reporting. You will lead audit activities end-to-end, including evaluating risks, developing audit approaches, and delivering clear, actionable recommendations to management.
In this role you will also support the Company’s Sarbanes-Oxley (SOX) compliance program, with a focus on evaluating the design and operating effectiveness of IT general controls (ITGCs), application controls, cybersecurity controls, and system-related processes across key business systems.
You will also support broader Internal Audit activities, including participation in inventory observations and financial or operational audits, as needed. As a Senior IT Internal Auditor you will work closely with IT, Information Security, Finance, Compliance, and external auditors to strengthen the overall control environment and drive continuous improvement.
- Lead and support SOX IT compliance activities, including walkthroughs, control testing and reviews, and documentation reviews of IT general controls (ITGCs) and automated/application controls, ensuring alignment with Company standards and external auditor reliance expectations. Assess the design and operating effectiveness of ITGCs (user access, change management, and IT operations) across key systems and processes.
-
Perform risk assessments and support audit planning, including identifying key risks, developing audit scope and objectives, and assisting in the creation of risk-based audit programs.
-
Execute IT and cybersecurity audits, including evaluation of controls over identity and access management, change management, IT operations, vulnerability management, incident response, and data protection.
-
Evaluate risks and controls related to system implementations, enhancements, and emerging technologies, including cloud and cybersecurity-related initiatives.
-
Identify, assess, and communicate control deficiencies, including root cause analysis and development of actionable recommendations; support and monitor remediation efforts.
-
Perform audit fieldwork and maintain high-quality documentation, including preparation and review of audit workpapers to ensure completeness, accuracy, and compliance with Internal Audit standards.
-
Serve as a key liaison with IT, Information Security, business stakeholders, and external auditors, facilitating alignment on audit scope, testing, and timelines.
-
Provide day-to-day guidance, oversight, and project management support for audit engagements, including reviewing work, coordinating timelines and deliverables, coaching on audit methodology, and supporting development to ensure consistent, high-quality execution.
-
Support execution of financial and operational audits, providing IT expertise and assisting with planning, testing, reviews, and reporting, as needed.
-
Lead and participate in inventory observations at manufacturing and distribution locations, including required domestic and limited international travel.
Required:
-
Bachelor’s degree in Accounting, Finance, Information Systems, or related field.
-
Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or comparable certification required.
-
Minimum of 5 years of relevant internal or external audit experience, including at least 3 years in IT audit.
-
Experience with SOX compliance, including ITGC and application control testing and reviews.
-
Understanding of cybersecurity frameworks and concepts.
-
Knowledge of ERP systems (e.g., Oracle, SAP) and related business processes.
-
Strong analytical, organizational, and problem-solving skills.
-
Effective written and verbal communication skills.
-
Ability to manage multiple priorities and meet deadlines.
-
Willingness to travel approximately 10–20%, including participation in inventory observations and related audits.
-
Experience working with external auditors.
Preferred:
-
Experience auditing cybersecurity domains (e.g., identity and access management, network security, cloud security, incident response).
-
Experience with automated controls, system implementations, and data analytics tools.
-
Exposure to manufacturing and/or distribution environments.
Other:
-
Strong interpersonal skills – ability to work closely with people at all levels of the organization and facilitate the implementation of corrective action.
-
Self-starter with demonstrated organizational, project management, time management and problem-solving skills.
-
Able to balance multiple high priority responsibilities on-time and effectively.
-
Able to confront difficult issues with the appropriate response and to do so in a timely manner with any/all stakeholders.
We value our employees and are committed to providing a comprehensive benefits package that supports your health, well-being, and financial future.
Here is just a brief overview of what we offer:
-
Market Competitive Pay
-
Extensive Paid Time Off and (9) added Holidays
-
Excellent Healthcare, Dental, and Vision benefits
-
Long/Short Term Disability Coverage
-
401(k) with a company match
-
Maternity & Parental Leave
-
Additional add-on benefits/discounts for programs such as Pet Insurance
-
Tuition Reimbursement and continued education programs
-
Excellent opportunities for advancement in a stable long-term career
#LI-MM1
Pay range for this opportunity is $75,000.00 - $90,000.00. This position is eligible for bonus participation.
Minimum pay rates offered will comply with county/city minimums, if higher than range listed. Pay rates are based on a number of factors, including but not limited to local labor market costs, years of relevant experience, education, professional certifications, foreign language fluency, etc.
STERIS offers a comprehensive and competitive benefits portfolio. Click here for a complete list of benefits: STERIS Benefits
Open until position is filled.
STERIS is a leading global provider of products and services that support patient care with an emphasis on infection prevention. WE HELP OUR CUSTOMERS CREATE A HEALTHIER AND SAFER WORLD by providing innovative healthcare and life sciences products and services around the globe. For more information, visit www.steris.com.
If you need assistance completing the application process, please call 1 (440) 392.7047. This contact information is for accommodation inquiries only and cannot be used to check application status.
STERIS is an Equal Opportunity Employer. We are committed to equal employment opportunity to ensure that persons are recruited, hired, trained, transferred and promoted in all job groups regardless of race, color, religion, age, disability, national origin, citizenship status, military or veteran status, sex (including pregnancy, childbirth and related medical conditions), sexual orientation, gender identity, genetic information, and any other category protected by federal, state or local law. We are not only committed to this policy by our status as a federal government contractor, but also we are strongly bound by the principle of equal employment opportunity.
The full affirmative action program, absent the data metrics required by § 60-741.44(k), shall be available to all employees and applicants for employment for inspection upon request. The program may be obtained at your location’s HR Office during normal business hours.