Hiring.fm
ResMed

IT Auditor

Sydney, NSW, Australia Full time

The Finance team’s goal is to be a trusted and collaborative partner to all the businesses and functional teams that we work with, bringing business acumen, financial expertise and insights to aid decision-making and deliver value to our stakeholders. We strive to generate value through providing specialist advice and making recommendations to optimize decision making, delivering transparent processes and implementing governance and controls to mitigate risk.

  

About Resmed’s IT Audit and Assurance Team:

Resmed's IT Audit and Assurance team’s goal is to be a trusted and collaborative partner to all Business and IT teams that we work with, bringing IT risk and compliance expertise, and insights to aid decision-making and deliver value to our stakeholders. Being a global leader in health technology and connected care, Resmed’s complex IT environment is continuously evolving. We strive to generate value through providing specialist advice and making recommendations to optimize decision making, delivering transparent processes, and help implement IT governance and controls to mitigate IT risks.

Let's talk about the team:

The primary role of IT Auditor is to assess IT risks throughout the organization, within various information systems and tools, and independently test and document controls to ensure IT risks are appropriately mitigated, both for our internal business process supporting information systems, as well as our customer facing solutions. As an IT Auditor, you will work closely with the other members of the IT Audit team (based in Sydney, Kuala Lumpur, Dublin and San Diego) to perform IT risk assessments and provide advice that will help Resmed manage IT risks as it continues its Digital Transformation journey.

This role is based in Sydney, Australia.

Let’s talk about the role:

  • Participate in and perform IT risk assessments with a focus on SOX, SOC2, HIPAA, HITRUST, GDPR and other security and privacy related assessments in scope for Resmed’s global organization. You will be responsible for assessing the full IT environment including application, database, platform, and infrastructure.
  • Participate in, and advise on various IT projects, e.g. cloud migrations, AI and RPA initiatives, system or software implementations, operational audits, M&A integration efforts and data security/privacy compliance audits.
  • Examine IT controls, evaluate the design and operational effectiveness, determine exposure to risk and assist business and IT to develop remediation plans.
  • Follow up on IT control deficiencies and improvement opportunities to ensure remediation is undertaken and performed in a timely manner.
  • Help facilitate and coordinate audit activities undertaken by Resmed’s external auditors.


Let’s talk about you:

  • Bachelor’s Degree in ICT/ Technology/ System Security or relevant discipline required. An equivalent combination of education and experience will be considered.
  • Relevant industry certifications e.g., CISSP, CCSP, CISM, CISA, or willingness to obtain these as needed.
  • Must have a minimum of 1-3 years of experience in IT Audit, IT Administration, Information Security or other Computer System related fields.
  • Effective interpersonal, written, and verbal communication skills
  • Ability to work independently, attention to detail, and a high level of personal accountability for accuracy, task prioritization, and timely completion.
  • The ideal candidate will have demonstrable operational knowledge of and experience with managing IT risks and controls (implementing, executing, or auditing) in cloud environments e.g. Oracle Fusion, Microsoft Azure, Amazon Web Services (AWS) and/or SaaS platforms.
  • Committed to ongoing personal development and staying current with emergent technologies and AI advancements and integrating new tools into audit processes.

Preferred:

  • Working knowledge of Sarbanes Oxley, ISO27001, ISO27002, ISO9001, HIPAA, GDPR, FDA Quality System Regulation, 21 CFR Part 11, 21 CFR Part 820, CSA CCM, SOC Audit requirements.
  • Demonstrable operational knowledge of and experience with ERP systems (Oracle E-Business Suite, Oracle Fusion, NetSuite), HR systems (Workday), and/or Warehouse Management Systems (HighJump).
  • Understanding ePHI and cloud platform security and privacy controls.
  • Familiar with / experience with data analytics tools and techniques e.g., SQL, Python, Power BI, Tableau, or equivalent platforms
  • Familiar with / experience using audit data analytics: ability to design and execute data-driven audit tests, perform anomaly detection, and leverage data visualization for risk assessment and reporting.
  • Familiar with / experience using code-free analytics platforms: solutions that enable non-technical users to perform advanced analytics (e.g., natural language analytics, agentic AI tools).
  • Familiar with / experience using GRC/e-workpaper (AuditBoard) solutions.
  • Workshop and facilitation skills to support risk and control assessments.
  • Experience working at Big 4 Firm, or internal audit function of a public company in the medical device or manufacturing industry..

Joining us is more than saying “yes” to making the world a healthier place. It’s discovering a career that’s challenging, supportive and inspiring. Where a culture driven by excellence helps you not only meet your goals, but also create new ones. We focus on creating a diverse and inclusive culture, encouraging individual expression in the workplace and thrive on the innovative ideas this generates. If this sounds like the workplace for you, apply now! We commit to respond to every applicant.