Manager - IT Risk and Internal Controls

Date: May 6, 2023

Location: Wayne, PA OR Morrisville, NC, PA, US

Company: Teleflex

Expected Travel: Up to 25%

Requisition ID: 7767 

 

About Teleflex Incorporated

Teleflex is a global provider of clinically effective medical technologies designed to improve the health and quality of people’s lives. We apply purpose driven innovation – a relentless pursuit of identifying unmet clinical needs – to benefit patients and healthcare providers. Our portfolio is diverse, with solutions in the fields of vascular and interventional access, interventional cardiology, surgical, anesthesia, cardiac care, interventional urology, urology, emergency medicine and respiratory care. Teleflex employees worldwide are united in the understanding that what we do every day makes a difference. For more information, please visit teleflex.com.

 

Global Functions The Corporate division is the central operating unit of the company; setting strategy and policy and providing business development, finance, human resources, information technology, investor relations and legal support to the businesses. The global Company headquarters is located just outside of Philadelphia in Wayne, PA. Join a dynamic, growing team that offers healthcare providers an array of medical technology solutions that make a difference in patients’ lives.

Position Summary

The IT Risk and Internal Controls Manager will work with Global IT Leadership to ensure strong internal controls are appropriately designed and operating effectively to mitigate operational, financial and regulatory risks. This position will ensure risks are identified and internal controls are designed/implemented as part of  the global Systems Development Life Cycle (SDLC) and the annual IT strategic planning process. In addition, this position will liaison with key Business Partners and internal/external auditors on all matters relating to IT risk and controls. This position can work out of our Wayne, PA or Morrisville, NC office. 

Principal Responsibilities

•    Complete annual technology risk assessments in support of financial and resource planning.
•    Manage the execution and documentation review of IT General Controls supporting key financial systems (i.e. SOX) applications and infrastructure.
•    Lead the remediation program to achieve and maintain ISO/27001 certification.
•    Manage processes to maintain Payment Card Industry (PCI) compliance.
•    Executive reporting and communications relative to IT and Cybersecurity risks and controls. 
•    Manage third-party inquiries relating internal controls and security.
•    Provide recommendations on policy and procedure enhancements.
•    Assist in managing security incident response program.
•    Coordinate and oversee all IT internal and external audit activities.
 

Education / Experience Requirements

•    A bachelor’s degree is required with an emphasis in management information systems, IT risk or related field.
•    Five - seven years of IT risk and controls experience with a similar position in a multinational, SEC-registered company or delivering similar services via a professional services firm.
•    Credentials including Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) and Certified Internal Auditor (CIA) preferred.
 

Specialized Skills / Other Requirements

•    Knowledge and deep experience in Sarbanes-Oxley Act of 2002 (SOX) control requirements, ISO/27001, National Institute of Standards and Technology (NIST),  and Payment Card Industry (PCI) frameworks and regulations.
•    Experience in developing and executing IT risk assessments aligned to industry standards such as NIST and ISO/27001.
•    Intermediate to advanced background in SAP internal controls and GRC platforms.
•    Experience in executing and evaluating service auditor reports (ex. SOC1/SOC2).
•    Ability to effectively lead projects while executing detailed tasks.
•    Strong time and document management skills with a attention to detail.
•    Strong communication skills in presenting IT internal controls and risk matters in a consumable manner across various forums and levels of the organization.
•    Ability to work independently in developing methodologies, programs, work plans and communications relating to IT risk and compliance.
•    Willing and able to travel (up to 25%), including internationally.
•    Ability to maintain a flexible work schedule (able to meet the requirements of the position as needed including ability to work evenings and weekends when necessary).

 

Teleflex, Inc. is an affirmative action & equal opportunity employer. D/V/M/F. Applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or veteran status. If you require accommodation to apply for a position, please contact us at: 262-439-1894.

Teleflex is the home of Arrow®, Deknatel®, Hudson RCI®, LMA®, Pilling®, Rüsch®, UroLift® and Weck® – trusted brands united by a common sense of purpose. Teleflex, the Teleflex logo, Arrow, Deknatel, Hudson RCI, LMA, Pilling, Rüsch, UroLift and Weck are trademarks or registered trademarks of Teleflex Incorporated or its affiliates, in the U.S. and/or other countries.

© 2021 Teleflex Incorporated. All rights reserved.


Nearest Major Market: Philadelphia