Working with Us
Challenging. Meaningful. Life-changing. Those aren’t words that are usually associated with a job. But working at Bristol Myers Squibb is anything but usual. Here, uniquely interesting work happens every day, in every department. From optimizing a production line to the latest breakthroughs in cell therapy, this is work that transforms the lives of patients, and the careers of those who do it. You’ll get the chance to grow and thrive through opportunities uncommon in scale and scope, alongside high-achieving teams. Take your career farther than you thought possible.

Bristol Myers Squibb recognizes the importance of balance and flexibility in our work environment. We offer a wide variety of competitive benefits, services and programs that provide our employees with the resources to pursue their goals, both at work and in their personal lives. Read more: careers.bms.com/working-with-us.

The Analyst III - IT Audit in GIA will work in a team environment to plan and execute dynamic risk-based audits and identify value-added recommendations to strengthen Company processes and controls.  Audits will include U.S.-based operations, international Company subsidiaries, strategic initiatives, critical business processes, and key third-party outsourcing arrangements.  Throughout the audits, the Analyst III will have the opportunity to interact with senior management and enhance oral and written communication skills. 

Key Responsibilities

• Work collaboratively with audit teams to execute IT, operational and integrated audits.
• Conduct planning activities to identify significant risks and develop appropriate risk-based audit procedures.
• Research applicable policies, guidance, regulations, and manage the day-to-day activities of the audit to drive assigned sections of the audit with high quality and within deadlines.
• Collect and analyze necessary data for audits, evaluate information and draw logical conclusions.
• Design and execute standalone data analytics to support audit findings and business requests.
• Leverage existing data analytics and assist with build and enhancement projects, when assigned.
• Interview key personnel to assess business processes and the strength of their control environments.
• Identify meaningful value-added recommendations for management to improve the adequacy, effectiveness, and efficiency of controls and related processes.
• Lead meetings involving various levels of management to effectively communicate audit status, align on significant audit issues and recommended corrective actions.
• Prepare clear, detailed audit documentation evidencing the results of actual testing procedures in accordance with BMS and the Institute of Internal Auditors (IIA) standards.
• Prepare audit reports, including clearly written, concise audit observations that effectively communicate identified issues and their related corrective actions to key stakeholders.
• Participate with the team in at least two weeks of annual training in addition to regular departmental meetings that include sharing best practices.
• Participate in departmental projects as assigned (e.g., audit lessons learned, training, continuous improvement).
• Communicate clearly and candidly with the affiliate (including during status meetings) and demonstrate executive presence at internal team meetings and meetings with the affiliate.  Actively listen to affiliate while exercising professional skepticism.
• Coaching team members with the specifics and a suggested action plan where appropriate. 
• May perform other duties and responsibilities as assigned.

Qualifications & Experience

• A BA/BS degree in Information Sciences, Computer Sciences, Data Sciences, Accounting, Finance, or other business discipline is required.  MBA or other advanced degree is preferred.
• A minimum of 5 - 6 years prior audit experience, including experience in IT or operational auditing, IT, risk management, and/or compliance is required. 
• Professional certification is strongly preferred (i.e., CISA, CIA, CISSP or equivalent).
• Knowledge of IT framework and standards (e.g., COBIT, NIST, ISO 27001, GTAG), IT General Controls, System Development Lifecycle and IIA standards is required.
• English fluency, strong verbal and written communication skills are required.  Experience in developing written reports and delivering presentations is preferred.
• Experience in auditing cybersecurity, data privacy and system implementations is strongly preferred.
• Analytical and computer skills, including proficiency with MS Teams/Excel/Word/PowerPoint/OneNote, are required.  Data analytics experience and ERPs, such as SAP, is preferred.
• Ability to travel up to 20% of the time is required, including international travel for up to three weeks at a time.

Desirable Qualifications & Experience

• MBA or other advanced degree
• Experience with Internal Audit, and/or Big Four/other consulting firms
• Experience in developing written reports and delivering presentations.

Professional Characteristics

• Quick Learner:  Able to identify risk and quickly develop an understanding of complex processes.  Is self-motivated and works effectively in ambiguous situations and adapts quickly in a rapidly changing environment.
• Action-Oriented: Pursues tasks with a sense of urgency.  Shows accountability by taking ownership of assigned responsibilities and completing them on time, with the highest quality.
• Critical Thinking: Gathers relevant information and critically evaluates it to define next steps and propose a solution.
• Effective Communicator: Displays excellent ability to communicate across various levels of management, including with executives, to explain identified issues and related corrective actions.
• Project Management: Demonstrates speed and innovation to get things done; can simplify complex processes; knows of and can leverage resources to drive tasks/projects forward across functions and within the function.
• Team Player: Works well in a team environment, fostering inclusion and building effective relationships with both team members and customers.
• Development-Oriented: Committed to and actively works toward continuous improvement, including self-development.
• Integrity: Exhibits passion for the work that they do and demonstrates the ethical behavior expected of an internal audit function.

If you come across a role that intrigues you but doesn’t perfectly line up with your resume, we encourage you to apply anyway. You could be one step away from work that will transform your life and career.

Uniquely Interesting Work, Life-changing Careers
With a single vision as inspiring as “Transforming patients’ lives through science™ ”, every BMS employee plays an integral role in work that goes far beyond ordinary. Each of us is empowered to apply our individual talents and unique perspectives in a supportive culture, promoting global participation in clinical trials, while our shared values of passion, innovation, urgency, accountability, inclusion and integrity bring out the highest potential of each of our colleagues.

On-site Protocol

BMS has an occupancy structure that determines where an employee is required to conduct their work. This structure includes site-essential, site-by-design, field-based and remote-by-design jobs. The occupancy type that you are assigned is determined by the nature and responsibilities of your role:

Site-essential roles require 100% of shifts onsite at your assigned facility. Site-by-design roles may be eligible for a hybrid work model with at least 50% onsite at your assigned facility. For these roles, onsite presence is considered an essential job function and is critical to collaboration, innovation, productivity, and a positive Company culture. For field-based and remote-by-design roles the ability to physically travel to visit customers, patients or business partners and to attend meetings on behalf of BMS as directed is an essential job function.

Supporting People with Disabilities

BMS is dedicated to ensuring that people with disabilities can excel through a transparent recruitment process, reasonable workplace accommodations/adjustments and ongoing support in their roles. Applicants can request a reasonable workplace accommodation/adjustment prior to accepting a job offer. If you require reasonable accommodations/adjustments in completing this application, or in any part of the recruitment process, direct your inquiries to [email protected]. Visit careers.bms.com/eeo-accessibility to access our complete Equal Employment Opportunity statement.

Candidate Rights

BMS will consider for employment qualified applicants with arrest and conviction records, pursuant to applicable laws in your area.

If you live in or expect to work from Los Angeles County if hired for this position, please visit this page for important additional information: https://careers.bms.com/california-residents/

Data Protection

We will never request payments, financial information, or social security numbers during our application or recruitment process. Learn more about protecting yourself at https://careers.bms.com/fraud-protection.

Any data processed in connection with role applications will be treated in accordance with applicable data privacy policies and regulations.

If you believe that the job posting is missing information required by local law or incorrect in any way, please contact BMS at [email protected]. Please provide the Job Title and Requisition number so we can review. Communications related to your application should not be sent to this email and you will not receive a response. Inquiries related to the status of your application should be directed to Chat with Ripley.

R1598825 : Analyst III, Global Internal Audit & Assurance - IT Audit