Lead Analyst - IT Compliance

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!
Job Details
Job Profile Summary
Individuals within the IT Compliance Lead Analyst role are responsible for ensuring that the organization in accomplishing its objectives by bringing a systematic, disciplined approach to evaluating and improving the effectiveness of IT risk management, IT control and governance processes. Persons in this role will be a primary resource for driving adherence to compliance and regulatory IT controls. Will assist development of continuous monitoring controls to assess the IT control environment and its effectiveness against the IT Corporate Compliance Standards. Partner with the Corporate Compliance team to provide guidance and enhancements of control adjustments based on industry or corporate standards.
Members of this role need to understand software development life cycles, Sarbanes-Oxley (SOX) Controls, security principals, process design, and a strong knowledge of compliance management. They must be able to understand business requirements, technical specifications, and change management documentation to audit work products against standards. They must also be highly skilled communicators. The associate in this role will work on multiple projects as a compliance team leader or advisor. They will work on projects that have system-wide impact, integrating across the organization and involving multiple technical environments and disciplines.
Shift Time: 12:00 PM to 09:00 PM IST
Work Mode: Hybrid
PRIMARY DUTIES AND RESPONSIBILITIES:

• Leads in identification and documentation of Cencora/Pharmalex IT General Controls (ITGC).
• Performs risk assessment procedures and presents findings to leadership verbally or via written reports.
• Provides controls guidance to IT and the business to facilitate operational effectiveness and ensures compliance requirements are met.
• Utilizes sound judgment to identify and assess risk, materiality, and adequacy of audit evidence, compensating controls, and significance of findings.
• Collaborates effectively and on an ongoing basis with all constituents involved in IT General Controls.
• Reviews progress toward the ITGC plan regularly with IT leaders, control owners and auditors to make modifications, as necessary.
• Assists internal and external auditors in compliance reviews.
• Assists external compliance initiatives that may include Sarbanes-Oxley (SOX), EU GDP, GDPR, and other compliance programs, including the coordination of auditors interfacing with IT staff, guidance for appropriate remediation actions for findings, communication, and escalation of remediation.
• Builds trusted working relationships with the enterprise Finance, Legal, Audit and Corporate Compliance groups to support Internal and External Audits, and to ensure the understanding and acceptance of audit issues in connection with business risks.
• Stays current with latest changes in external compliance initiatives that may affect the organization's compliance with external requirements.
• Manages discussions with external auditors as part of required reviews of our IT Compliance Controls. Must be able to accurately communicate our IT Controls strategy and how IT controls operate.
• Prepares clear, detailed, and accurate compliance documentation, including narratives, control descriptions, risk control matrices, test programs, and performance metrics.
• Establishes and communicates timelines, requirements, and issues with management in a professional and timely manner.
• Escalates key control risks and issues, in a professional manner to management.
• Evaluates and makes compliance recommendations on standards within enterprise-wide processes such as change and release management.
• Leads evaluation of Control Frameworks, Regulations, and certifications, provides analysis based on findings.
• Participates in evaluation of acquired solutions and provides findings on control risks.

EXPERIENCE AND EDUCATIONAL REQUIREMENTS:
Bachelor's degree in computer science, Information Systems, Business Administration, or other related field or equivalent work experience. Minimum of eight (8) years IT compliance or audit experience, including supervisory experience working for a large company. Professional certification is preferred (CISA, CIA, CPA, CRISC, CISSP, or similar). Must have experience in auditing large ERP systems.
MINIMUM SKILLS, KNOWLEDGE, AND ABILITY REQUIREMENTS:

• Direct experience in auditing Microsoft Dynamics365 or an equivalent ERP system
• Experience in working remotely and autonomously
• Ability to work within a team environment
• Skilled at interacting with internal and external personnel
• Strong interpersonal and analytical skills
• Strong organizational and oral/written communication skills
• High degree of literacy with system processes and internal controls
• Comfortable working with management, and ability to work independently on projects and supervising of assigned staff
• Extensive exposure to IT related operations, including system development project management methodologies and practices; IT Operations, IT planning, management and organization, and other typical application specific control principles and risk
• Working knowledge of Sarbanes-Oxley requirements

EXPERIENCE AND EDUCATIONAL REQUIREMENTS:
Bachelor's degree in computer science, Information Systems, Business Administration, or other related field or equivalent work experience. Minimum of Eight (8) years IT compliance or audit experience, including supervisory experience working for a large company. Professional certification is preferred (CISA, CIA, CPA, CRISC, CISSP, or similar). Must have experience in auditing large ERP systems.
MINIMUM SKILLS, KNOWLEDGE, AND ABILITY REQUIREMENTS:

• Direct experience in auditing Microsoft Dynamics365 or an equivalent ERP system
• Experience in working remotely and autonomously
• Ability to work within a team environment
• Skilled at interacting with internal and external personnel
• Strong interpersonal and analytical skills
• Strong organizational and oral/written communication skills
• High degree of literacy with system processes and internal controls
• Comfortable working with management, and ability to work independently on projects and supervising of assigned staff
• Extensive exposure to IT related operations, including system development project management methodologies and practices; IT Operations, IT planning, management and organization, and other typical application specific control principles and risk
• Working knowledge of Sarbanes-Oxley requirements

What Cencora offers
Benefit offerings outside the US may vary by country and will be aligned to local market practice. The eligibility and effective date may differ for some benefits and for team members covered under collective bargaining agreements.
Full time
Affiliated Companies
Affiliated Companies: CENCORA BUSINESS SERVICES INDIA PRIVATE LIMITED
Equal Employment Opportunity
Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.
The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.
Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email [email protected]. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned