Manager - Technology Risk Audit

At DICK’S Sporting Goods, we believe in how positively sports can change lives. On our team, everyone plays a critical role in creating confidence and excitement by personally equipping all athletes to achieve their dreams.  We are committed to creating an inclusive and diverse workforce, reflecting the communities we serve.

If you are ready to make a difference as part of the world’s greatest sports team, apply to join our team today!

OVERVIEW:

Role Responsibilities:

Technology and Integrated Audits

• Manage technology and integrated audits, including audits over infrastructure, cloud environments, and applications

• Establish and maintain appropriate professional relationships with Company personnel and external auditors/consultants.

• Review risk assessments and process flows completed by Technology Risk Auditors to ensure appropriate coverage of risks and scoping.

• Create audit communication plan including internal status updates and updates to auditees.

• Review work programs and test procedures drafted by Technology Audit team for coverage and design of testing procedures to meet audit objectives

• Oversee audit team's fieldwork, including reviews of teammates' work papers

• Perform and/or review the evaluation of audit procedures/results prior to Director review to:

  • Ensure completeness and effectiveness of audit results are in line with agreed upon audit scope.

  • Assess the adequacy and efficiency of operating policies and procedures.

  • Recommend alternative policies, procedures, or efficiencies.

• Draft audit reports that consider root causes, impact/exposure, and both near and long-term recommendations/solutions for the auditee and Executive Management.  Tailors and summarizes deliverables based upon audience for the appropriate level of detail.

Sarbanes-Oxley (SOX) and Internal Control Testing

• Interact with all levels of the organization to gain an understanding of the technology processes and internal controls.

• Review the documentation risks and controls and execute tests to evaluate the controls and review testing performed by Technology Risk Auditors.

• Draft and review audit issues to report to senior management and the external auditors.

Consulting / Special Projects / Technology Audit Governance

• Assist and identify potential areas of assistance to technology in the development and/or implementation of process efficiencies, control improvements and best practices.

• Assist with special assignments by developing project plans to measure and monitor completion against initially planned timelines.

• Create detailed audit programs to achieve project objectives for short notice special projects at the request of Senior Management

• Draw upon established strategic working relationships and Company knowledge to complete consulting/special projects in a quick time frame

On-Site Store and Distribution Center Audits

• Perform on-site physical inventory observations and other audit procedures at various stores

• Assist financial/operational audit team in performing Distribution Center audits

• Communicate audit findings and recommendations for improvement to Management via audit reports and closing meetings

System Implementations

• Audit system implementations at various phases, including for iterative deployments, pre go-live, and post go-live, depending on the nature of the implementation.

• Tailor audit procedures to accommodate differing implementation and development methodologies, including waterfall and agile development, to evaluate development, project management, integration, data conversion/validation, and testing controls, as applicable.

• Review the existing business and system process documentation and the proposed new system and process for design effectiveness, risk assessment and management, control implications, etc.

• Develop and review test plans for the implementation which would include pre-conversion and post implementation testing.

• Review technology and business user testing and documentation for adequacy and completeness.

• Recommend alternative policies, procedures, or efficiencies.

• Drafts and reviews audit reports to communicates to auditees' leadership teams (Director+ levels).

QUALIFICATIONS:

• Bachelor's Degree

• BS in Information Systems and Technology, Data Science, or Cybersecurity Studies

• 5-7 years experience

• Total years of experience 5+; Total public accounting and/or internal audit years of experience – 3+; Previous experience within the retail or tech industry

• Required certifications – CISA

• One of the following preferred certifications – CIA, CISSP,  CIPP/US, CIPT, CIPM,  CISM, CRISC, CDPSE, CGEIT certification(s) or similar certificate

• SOX and knowledge of general technology controls and able to audit unfamiliar areas with ease

#LI-SL1