IT Audit & Controls Manager

Description

Build your Career with an Industry Leader

As the global leader of premium labels, MCC helps brands stand out in competitive markets and inspire positive consumer experiences. Backed by over a century of printing experience, MCC is focused on the future by developing consumer-driven innovations and sustainable packaging solutions. Working for our team, you can truly make a difference.

Overview of the Job:

The IT Audit & Controls Manager/Senior Manager will play a leading role in the development, implementation and enhancement of the IT control environment across MCC Label’s global operations. This role will focus on compliance with Sarbanes-Oxley (SOX) requirements for the IT systems and functions, evaluating IT General Controls (ITGCs), and aligning practices with recognized IT standards and frameworks. The ideal candidate will have deep expertise in IT audit and controls, experience with enterprise systems such as SAP or Oracle, and a strong understanding of SOX compliance requirements for IT. This position reports directly to the Chief Auditor.

Job Responsibilities:

IT Controls & Governance

• Oversee the documentation and evaluation of IT processes and controls.
• Develop and maintain IT control frameworks aligned with industry standards (e.g., COBIT, NIST, ISO).
• Collaborate with IT and business stakeholders to identify control gaps and recommend improvements.
• Lead the assessment and testing of ITGCs in accordance with SOX requirements.
• Coordinate with external auditors and manage IT audit requests and findings in collaboration with IT Compliance.
• Evaluate the effectiveness of the Company’s IT governance frameworks. Assess the adequacy and timeliness of significant risk items being escalated to senior management.
• Monitor compliance with internal policies and regulatory requirements.
• Support the implementation of new systems and changes to ensure control requirements are included in project requirements and technical specifications, and implemented as a part of the final solution (control by design).
• Provide training and guidance on IT controls and compliance to internal teams.
• Continuously promote and improve effectiveness and efficiency in IT internal control practices.
  
  
  

IT Audit Planning & Execution

• Maintain the IT audit universe to support ongoing enterprise-wide IT risk assessment to identify IT-related issues and risks to be addressed by the internal audit plan.
• Develop the annual IT audit plan, as a part of the overall internal audit plan, using a risk-based approach, to address SOX requirements as well as other IT-related risks.
• Plan, manage and execute IT audit projects as specified in the internal audit plan adhering to Internal Audit Department methodology and standards. Supervise and review the work of internal audit staff or co-source resources assigned to projects.
• Provide technical and IT systems expertise to support financial and operational audit activities.
• Develop high-quality and insightful internal audit reports or other deliverables to effectively communicate results, findings or deficiencies, and recommendations for improvement.
• Monitor and report the status of outstanding management action items to address audit findings and deficiencies.
  
  
  

Team Management

• Although this role will initially be an individual contributor, as the Internal Audit team grows, this role will supervise and lead the IT audit team members. This role will also supervise co-sourced resources.
• Collaborate with the Internal Audit leadership team on resource planning to support the present and future audit plans.
• Assist with the overall supervision of internal audit staff, including assisting with staff professional development, evaluation and sharing IT audit and controls expertise with the broader team.
• Stay updated on emerging IT risks, evolving trends, IT control and security standards, relevant regulations and compliance requirements, and best practices, and support the team in the same.
  
  
  

Team Culture & Collaboration

• Adopt a high performance, people-powered culture, providing high expectations and high support for the IT organization, finance teams and broader business stakeholders.
• Act as a focal point for effective communication and resolution of IT related internal control, security and audit issues and decisions.
• Build strong working relationships with internal stakeholders and leaders across the global organization.
• Influence and collaborate across functions, geographies at all levels of the organization in order to gain buy-in and manage change independent of reporting relationships or specific authority.
• Work closely with other risk, control and audit functions, including external auditors, to provide effective coordination of governance, risk, control and audit activities.
  
  
  

Job Requirements:

• Minimum 7 to 10 years experience, including at least 3 years of supervisory experience, working in IT risk management, IT controls and compliance, IT audit or IT security (cybersecurity) either for a professional services firm or global, multinational organization preferably in the manufacturing industry.
• Undergraduate or professional degree in business information systems, accounting, computer science or other relevant discipline.
• Professional certifications such as CISA, CISSP, risk and control certifications or CIA are highly desirable.
• Strong knowledge of IT auditing and internal control concepts, principles, frameworks and standards, and Sarbanes-Oxley (SOX) compliance requirements related to IT.
• Strong knowledge and extensive experience working with SAP and/or Oracle ERP systems.
• Strong analytical skills and experience with data analytics, continuous monitoring and process mining.
• Excellent communication and interpersonal skills, with the ability to effectively interact independently with stakeholders at all levels of the organization. Ability to communicate technical topics effectively in a manner that non-technical stakeholders can understand.
• Excellent written communication skills and ability to present technical, complex topics and detailed data effectively for audiences at all levels of the organization.
• Experienced in managing diverse, global teams including employee development and performance management.
• Strong project management skills and ability to work in a fast-paced environment, prioritize tasks and competing priorities, manage multiple concurrent projects and activities, and meet deadlines with high attention to detail and quality of deliverables.
• Strong critical thinking, problem solving and decision making skills. Ability to manage through ambiguity and work with available resources even though they may not be fully adequate or ideal.
• Flexibility to adapt to changing priorities and willingness to take on new challenges.
• Experience working with a variety of global cultures including Europe and Asia, and ability to manage work across multiple time zones.
• Experience working with external auditors.
• Fluent in both spoken and written English.
• We welcome applicants worldwide, and the role offers flexibility to work remotely from any location.
  
  
  

Diversity & Inclusion:

Multi-Color is committed to providing equal employment opportunities and prohibits discrimination based on race, color, religion, sex, national origin, age, disability, veteran status, or any other protected characteristic under applicable law. If you need assistance or an accommodation in applying, please contact our Human Resources Department at [email protected].