IT Risk Specialist

The IT Risk Specialist is an individual contributor who will provide practical and technical audit and IT risk expertise for the global cybersecurity team. The primary responsibility of this role is to liaise between the IT Department and internal/external auditors for the annual SOX audit. This role is also responsible for providing oversight and support to all required audits and IT risk functions, including, but not limited to creating & maintaining a thorough audit calendar, conducting quarterly Active Directory reviews, managing Sensata’s third-party risk management platform, and maintaining the IT risk register. The IT Risk Specialist will also be responsible for conducting due diligence assessments on new vendors, suppliers, and business partners and evaluating regulatory compliance documentation during the on-boarding process. This role will report to the IT Director of Cybersecurity, but will support the broader IT Department.

General Responsibilities

• Partners with IT and business stakeholders on the status of cyber risk and compliance issues, assessment findings, control gaps, and upcoming audit requirements

• Coordinates with business stakeholders to understand the full scope of Sensata’s audit schedule; builds and manages the audit calendar for IT participation

• Maintains SOX audit playbooks; develops playbooks for other recurring audits

• Defines metrics for internal cyber risk register rating scores; maintains the cyber risk register; coordinates with risk owners to remediate identified risks to the organization

• Manages the IT component of both internal and external audits: schedules control walkthroughs, coordinates evidence collection, etc.

• Conducts quarterly reviews of the Active Directory and Azure environments for inappropriate and/or stale user and computer access

• Documents and maintains policies and standard operating procedures to assess, monitor, report, escalate and remediate cyber risk and compliance related issues

• Monitors and analyzes Sensata’s third-party risk management platform and coordinates remediation actions with vendors, suppliers, and other business partners

• Works collaboratively with corporate compliance, internal audit, corporate risk management and various technical teams in the design and implementation of audit, risk assessment and regulatory compliance practices for IT

• Proactively promotes enhancement of technology-related internal controls awareness and training across IT and business units; drives toward efficiency and automation for recurring audit requirements

• Partners with cross-functional & cross-regional teams in performing reviews and tests of IT internal controls to ensure that existing IT systems are operating as designed

• Escalates issues and risks to appropriate stakeholders; creates corrective action plans; determines acceptable level of risk

Experience / Qualifications

• A university degree required (i.e. Bachelors degree) or equivalent relevant work experience.

• Must be a team player able to work in a fast-paced environment with demonstrated ability to handle multiple competing tasks and demands

• Strong communication skills; oral, written and presentation

• Strong organization, planning and time management skills to achieve results

• Strong personal and professional ethical values and integrity

• Holds self-accountable to achieving goals and standards

• Proficient in Microsoft Office programs (Outlook, Word, PowerPoint, and Excel)

• Strong interpersonal & collaboration skills to work effectively with all levels of the organization including suppliers and/or external customers

Additional Experience/ Qualifications

• IT and business work experience in risk management, SOX compliance, audit, information security management, or similar career path preferred

• A university degree in Information Systems, Cyber Security, Business Administration, or equivalent relevant work experience/certifications preferred

• First-hand experience with Sarbanes-Oxley (SOX) and the NIST Cybersecurity Framework preferred

• Familiarity with: TISAX, ISO 27001, ISO 21434, CMMC, etc. preferred

• Knowledge of governance, risk, and compliance platforms preferred

• Previous auditor experience is a plus, but not required

• Ability to travel up to 10%

#LI-MY1 #LI-Hybrid

Base Salary Range:

$107,600.00 - $148,060.00

At Sensata, our employees are the key to our success and growth.  We recognize that each individual brings their own unique experience, therefore the base salary range information shown above is a general guideline only.  Sensata considers several factors when extending an offer, including, but not limited to, a candidate’s experience and qualifications, as well as internal equity, market and business considerations. In addition to base salary, Sensata offers competitive medical, dental, vision, life and disability insurance plans, along with education reimbursement, wellness programs, a 401(k) retirement plan with Company matching, and a variety of paid time off, such as vacation or flex-time, sick, bereavement, and parental leave. Certain positions are also eligible for short-term incentive and long-term incentive programs.

SmarterTogether

• Collaborating at Sensata means working with some of the world’s most talented people in an enriching environment that is constantly pushing towards the next best thing

• Employees work across functions, countries and cultures gaining new perspectives through mutual respect and open communication

•  As OneSensata, we are working together to make things work together 

Click here to view Sensata Recruitment Privacy Statement

Click here to view our Sensata Recruitment Privacy Statement for China

NOTE:  If you are a current Sensata employee (or one of our Affiliates), please back out of this application and log into Workday via the Company Intranet to apply directly.  Type "FIND JOBS" in the Workday search bar.