Senior Internal Auditor – Information Technology

Job Summary :

The Senior IT Auditor will build strong relationships and interact effectively at all levels of the organization to achieve compliance objectives while keeping up with industry standards. Reporting to the Sr. Director, Internal Audit & supporting the Internal Audit Risk & Governance function, this role will be responsible for planning, supervising, and completing annual planned audits, SOX ITGC compliance implementation and testing, risk assessments and consulting engagements to protect the company from risk, enhance the internal control environment and contribute to iHerb’s commitment to continuous improvement.

Job Expectations :

• Assist iHerb to comply with corporate statutory / regulatory requirements. Emphasis will be on planning and executing audits as well as performing controls assessments for SOX, CyberSecurity, SAP, Data Privacy, and PCI compliance
• Plan & lead complex IT audits (based on COBiT methodology) for IT general and application controls in the areas of system development, information security, change management, data networks, computer operations, business continuity and disaster recovery
• Evaluate the design and effectiveness of the control environment; track, monitor and maintain control issues; develop / assist with remediation plans & prepare compliance summaries
• Liaise with Compliance and IT management throughout the annual compliance life cycle
• Evaluate and test security and controls for various on-premise and cloud-based technologies
• Practical experience with internal control standards (Sarbanes Oxley, COSO, COBIT), control testing strategies
• Understanding of Internal audit processes and practices i.e. : technology and tools for planning, testing, and reporting
• Evaluate Service Organization Control (SOC) reports
• Practical experience with evaluating IT general controls concepts in the areas of system development, change management, computer operations and access to programs
• Hands on experience with IT security fundamentals across multiple domains including security management, security architecture, access control, application development, operations security, physical security, and networking, business continuity planning
• Developing and executing a detailed audit work plan for the IT audit component
• Drafting and assisting in reporting audit results to company leadership
• Assessing and communicating audit results, translating findings into level of risk and drive remediation of key issues in a timely manner
• Developing an effective and sustainable IT system controls framework
• Recommend improvements to processes, controls, and test programs to enhance the control environment and improve efficiency / effectiveness
• Develop strong, collaborative working relationships across all levels of the Company; maintain on-going and constant communications with key stakeholders
• Advocate and maintain the highest standard of ethics, discipline, and professionalism
• Coordinate, the work performed by external co-sourced resources

Knowledge, Skills and Abilities :

Required :

Equipment Knowledge :

Experience Requirements :

Generally requires a minimum five (5) plus years of public accounting and / or industry experience. Certification as a Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified Information Security Manager (CISM), Cloud and / or PCI preferred.

Education Requirements :

Bachelor’s Degree in Information Systems or related field preferred. CPA / CISA / CIA / CISM qualification with a Big 4 public accounting firm is strongly preferred.

LI-ME1

The anticipated pay scale for this position can be found below, however the pay range applicable to you may vary by geographic location based on where the job is located or where you work. The final pay offered to a successful candidate will be dependent on several factors that may include but are not limited to the type and years of experience within the job, the type of years and experience within the industry, education, etc. iHerb, LLC is a multi-state employer and this pay scale may not reflect positions that work in other states or locations.

Employees (and their families) that meet eligibility criteria as outlined in applicable plan documents are eligible to participate in our medical, dental, vision, and basic life insurance programs and may enroll in our company’s 401(k) plan. Employees will also be eligible for Time Off and Paid Sick Leave pursuant to the company’s policies. Employees will enjoy paid holidays throughout the calendar year. Eligibility requirements for these benefits will be controlled by applicable plan documents.

Hired applicant may be awarded Restrict Stock Units and receive annual bonuses pursuant to eligibility and performance criteria defined in the respective plan documents and policies.

For more information on iHerb benefits, visit us at .

Anticipated Pay Scale :

69,410 — $136,914 USD

Salary : $69,410 - $136,914