Job Description Summary

As the Sr. IT Auditor, you will coordinate with the Internal Audit Manager and other team members to execute the audit process, including risk assessment, audit planning, audit execution and reporting results for GE Aerospace.

Job Description

GE Aerospace is amid a significant and public transformation of its portfolio, leadership, operations, and culture. One of the top priorities within this transformation is the Internal Audit function. GE Aerospace is currently evolving the function, focusing on the development of data driven and automation enabled digital security audit expertise to serve as a true business partner for the audit committee and executive leaders, while still maintaining its commitment to talent development, both within and outside the function.

A key dimension of this role will be leading a multi-disciplinary team through complex IT and Cybersecurity assessments to objectively identify and evaluate risks that may adversely impact the security posture or operations of the business. To accomplish this, the Manager, Technology Audit will:

• Work with fellow Internal Audit professionals and partners to establish and uphold a top-tier audit methodology. This should incorporate automated testing of controls and a deep understanding of the technology stack's cybersecurity aspects, covering network, application, and operational technology security

• Customize audit plans according to the specific industry risks and compliance needs of the entity being audited. These plans should be aligned with the scope defined by the Digital Technology teams.

• Adopt a flexible strategy that adjusts to the technical setup of the entity under audit, considering their unique technology platforms and configurations.

Key Responsibilities:

• Assists in the design, development, and maintenance of a comprehensive technical audit methodology, based in technical expertise, and molded to the risk profile of the business.

• Leads the execution of comprehensive audit plans including objectives, audit procedures, audit budgets, and team schedules.

• Guides the audit team in applying appropriate audit procedures to the areas reviewed so that controls are tested from the perspective of business risk and that populations are fully covered.

• Reviews audit workpapers to ensure they are clear, complete, and well-organized.

• Helps to establish and manage use of automated workflows to increase the efficiency and coverage of risks within the audit process.

• Ensure that the in-scope business entity is fully aligned cross-functionally within the business unit and external to the enterprise for the implementation of sustainable, systemic action plans that address root cause and reduce attack surface.

• Identifies opportunities for improvement to audit methodology, tools, and training.

• Stays current on relevant business risks (e.g., current events, audit trends, emerging technologies, cybersecurity, etc.) and determines where appropriate to apply to engagements.

• Leverages audit to educate management on complex technical risks, the application of control frameworks, and the quantitative management of risks.

• Manages and develops direct reports to strengthen leadership capability and audit competency.

• Coaches their audit team members in building audit, BU, and cyber knowledge.

Minimum Requirements:

• Bachelor’s degree from accredited university or college with minimum of 4 years of professional experience OR associate degree with minimum of 7 years of professional experience OR High School Diploma with minimum of 9 years of professional experience.

• Bachelor's degree in computer science or in "STEM" Majors (Science, Technology, Engineering and Math) or Business Administration with a minor in Computer Information Technology is preferred.

• Minimum of 3 years of professional experience in IT Governance, IT Risk, IT Audit, IT - Operations or related fields, preferably with a Fortune 1000 companies or Big 4 assurance organization.

• Experience using some of the industry standards/framework, such as NIST 800-53, NIST 800-171, NIST Privacy Framework, CSA CCM, ISO 27001, ITIL v3, COBIT and FAIR is desirable.

• Knowledge and experience in one or more of the following IT Operational Functions: IAM, Asset Management, Operational Technology, Network Security, and Data Privacy.

• Obtained or in-progress of obtaining one or more IT Audit or Cybersecurity certifications (CISA, CISM, CISSP, CEH, CRISC, etc.).

Note:

The base pay range for this position is $95,900.00- $159,800.00. The specific pay offered may be influenced by a variety of factors, including the candidate’s experience, education, and skill set. This position is also eligible for an annual discretionary bonus based on a percentage of your base salary/ commission based on the plan. This posting is expected to close on September 16, 2024.

Healthcare benefits include medical, dental, vision, and prescription drug coverage; access to a Health Coach, a 24/7 nurse-based resource; and access to the Employee Assistance Program, providing 24/7 confidential assessment, counseling and referral services. Retirement benefits include the GE Retirement Savings Plan, a tax-advantaged 401(k) savings opportunity with company matching contributions and company retirement contributions, as well as access to Fidelity resources and planning consultants. Other benefits include tuition assistance, adoption assistance, paid parental leave, disability insurance, life insurance, and paid time-off for vacation or illness.

General Electric Company, Ropcor, Inc., their successors, and in some cases their affiliates, each sponsor certain employee benefit plans or programs ( i.e ., is a “Sponsor”). Each Sponsor reserves the right to terminate, amend, suspend, replace, or modify its benefit plans and programs at any time and for any reason, in its sole discretion. No individual has a vested right to any benefit under a Sponsor’s welfare benefit plan or program. This document does not create a contract of employment with any individual.

Eligibility Requirement:

• Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job.

Preferred Experience:

• 8+ years of professional experience in IT Governance, IT Risk, IT Audit, IT Operations or related fields, preferably with a Fortune 1000 companies or Big 4 assurance organization.

• Understanding of regulatory and external requirements as they relate to IT, privacy and cybersecurity for regulations such as CMMC and SOX.

• Proven ability to handle scale, change agenda, pace and overall complexity.

• Track record of working alongside business leaders, positioning internal audit as a strategic partner, identifying and helping mitigate risk.

• Superior business acumen; ability to build strong relationships and trust with company leadership and business process owners.

• Modern Audit/ Data-Driven Approach-- Track record of leveraging technology and using data to drive insights and actions.

• Strong quantitative and qualitative analysis skills; ability to take large volumes of complex information and present it in a clear and concise manner; uses data and a cogent problem-solving methodology in decision making and impact assessment.

Additional Information

GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer (https://assets.phenompeople.com/CareerConnectResources/GE11GLOBAL/en_global/desktop/assets/images/poster_screen_reader_optimized_w_supplement.pdf) . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

As a federal government contractor, GE may in the future be required to have U.S. employees fully vaccinated against COVID-19. Some GE customers currently have vaccination mandates that may apply to GE employees.

Relocation Assistance Provided: No

Additional Information

GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer (https://www.eeoc.gov/sites/default/files/2022-10/22-088_EEOC_KnowYourRights_10_20.pdf) . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

Relocation Assistance Provided: No

#LI-Remote - This is a remote position