Lead IT Auditor

Caring for the world, one person at a time has inspired and united the people of Johnson & Johnson for over 125 years. We embrace research and science -- bringing innovative ideas, products and services to advance the health and well-being of people. Employees of the Johnson & Johnson Family of Companies work with partners in health care to touch the lives of over a billion people every day, throughout the world.

With $82 billion in 2020 sales, Johnson & Johnson is the world's most comprehensive and broadly based manufacturer of health care products, as well as a provider of related services, for the consumer, pharmaceutical, and medical devices and diagnostics markets! There are more than 265 Johnson & Johnson operating companies employing approximately 126,500 people and with products touching the lives of over a billion people every day, throughout the world. If you have the talent and desire to touch the world, Johnson & Johnson has the career opportunities to help make it happen!

Johnson & Johnson Global Audit & Assurance (GAA) organizationis seeking a Lead Information Technology (IT) Auditor. The preferred location for this position is New Brunswick, NJ.

Global Audit & Assurances primary mission is to provide independent, objective assurance and advisory services to assist management in maintaining compliance with government and industry regulations, mitigating risk and achieving operational excellence. To this end, the Lead IT Auditor conducts audits of information resources across the Johnson & Johnson Family of Companies to evaluate the adequacy of internal controls and to develop recommendations for improvement. Information resources include business critical applications such as SAP, JD Edwards, and BPCS, as well as the related technology infrastructure, data, facilities, organizations, privacy, cybersecurity and business processes.


  • Lead a team of auditors during audit engagements providing guidance, delegation, and feedback.

  • Influence without authority, both internal to GAA, and external partners (e.g., IT, Business/Process Owners).

  • Effectively lead Third Party co-source relationships for audit engagements.

  • Auditing of sophisticated IT environments serving as the Team Coordinator on audit engagements.

  • Performing the following audit activity with limited supervision from IT Audit Managers:

  • Capturing and analyzing information to identify key risks and corresponding controls.

  • Systematically testing and evaluating controls to verify efficiency and effectiveness of operation, reliability of information and compliance with applicable laws and regulations.

  • Recommending control improvements.

  • Communicating findings and recommendations to management.

  • Documenting audit work using automated audit management tools.

  • Performs root cause analysis and articulate control deficiencies and remediation techniques both internally and with client senior management.

  • Tracking, Monitoring and following-up on the status of corrective actions until closure.

  • Lead and perform ongoing risk's assessment of capabilities throughout the enterprise including but not limited to IT control design and processes.

  • Independently assess the design and operating efficiency of internal controls over financial reporting.

  • Coordinates & performs ongoing control's testing consistent with the J&J SOX 404 program guidelines.

  • Coordinate and manage interactions with multi-functional and cross-geographical teams both internally and externally, as necessary.

  • As part of the audit process the Lead IT Auditor identifies internal control best practices and promotes their adoption across the enterprise.

  • In addition, Lead IT Auditors provide training to other members of the Department and to affiliate organizations, and may lead Internal Audit improvement projects using appropriate methodologies.


  • A Bachelor's degree (BA/BS) is required.

  • 5+ years of assurance and advisory experience, preferably with a Big 4 or leading risk advisory/ public accounting firm Must have knowledge of Master Data, system configuration and process controls.

  • Experience with the design, development and implementation of internal controls for large ERP systems preferred.

  • Analytical skills; specifically, the ability to assess and decompose processes utilizing a risk and control focus.

  • Good understanding of IT & Information Security Management Frameworks and standards such as ISO, SANS, COBIT, ITIL, CSA and regulations such as SOX, PCI Compliance, HIPAA with demonstrated proficiency in one or more of the following areas is required: ERP systems (SAP, JD Edwards), information security, program/project management, and/or infrastructure services (operating systems, databases, network).

  • High level of self-confidence, strong people and client management skills and proven leadership ability, strong influencing skills

  • Experience interacting with all levels of management is required.

  • Exposure or understanding of control concepts and processes with practical experience in regulatory compliance, internal audits, risk management, process improvement preferred

  • A professional security, audit, or control-related certification, such as CISSP, CISA or CIA is strongly preferred.

  • Excellent presentation and written communication skills

  • English fluency (written and verbal) is required; fluency in multiple languages is a plus.

  • Must have the ability to work in a highly collaborative, team-oriented environment

  • Willingness to travel domestically and internationally is required (up to 40%)

    At Johnson & Johnson, were on a mission to change the trajectory of health for humanity. That starts by creating the worlds healthiest workforce. Through cutting-edge programs and policies, we empower the physical, mental, emotional and financial health of our employees and the ones they love. As such, candidates offered employment must show proof of COVID-19 vaccination or secure an approved accommodation prior to the commencement of employment to support the well-being of our employees, their families and the communities in which we live and work.

    Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

    For more information on how we support the whole health of our employees throughout their wellness, career and life journey, please visit www.careers.jnj.com.

Primary Location

United States-New Jersey-New Brunswick-One Johnson & Johnson Plaza


Johnson & Johnson (6067)

Job Function

Info Technology

Requisition ID


Salary Range
$106,000.00 - $128,000.00
per Year
Salary range estimated by
salary estimation provided by zippia
New Brunswick, NJ, 08933, US