Overview
As a Compliance Internal Auditor (IT) in the Compliance Standards & Data Privacy organization within Certara, you are part of a global, fast-paced IT organization with the primary mission to provide capable & resilient world-class oversight and guidance to professional services, software, and corporate business units, ensuring our team members have the ability to perform at the highest level in service of our customers.
The Compliance Standards & Data Privacy function relies on experience and judgment to plan and accomplish goals through implementation of GRC best practice methodologies, governance, and tooling. The Compliance Internal Audit (IT) role will assist with the implementation and verification of Certara’s compliance program(s), including correlating audit management and customer touchpoints. Working across disciplines, the role will help drive consistency of the GRC program and provide responsive support for internal stakeholders in the delivery of consultancy services and software to customers.
The role requires understanding of consulting services & software organizations as well as internal corporate functions. This is a hands-on position and requires top-notch organizational and time management skills to ensure requests are completed.
*Candidates must be able to relocate within 60 days to either Sheffield, United Kingdom; Berlin, Germany; or Budapest, Hungary OR be within close proximity to these areas.*
Responsibilities
Controls & Compliance
1. Work with business and technology delivery teams to maintain an effective suite of applicable compliance controls, adapting to changes in products, business processes, and technology solutions when necessary.
2. Assist with continually improving information security policies, procedures, standards and guidelines, and monitor their approval, dissemination, and maintenance.
3. Perform risk assessments and pre-implementation reviews to determine security, operational, and compliance risks and opportunities, and formulate clear recommendations for management’s consideration.
4. Identify, understand, and document processes and procedures surrounding IT internal controls.
5. Participate in oversight of third-party relationship risk management with respect to IT controls.
6. Cross train on Compliance program(s) to ensure proper coverage/backups and also hinder duplication across programs.
Audit Management
7. Maintain internal audit program for the assigned Compliance program(s).
8. Document and report on inconsistencies between control evidence and policies/procedures.
9. Assist teams to implement assessment or audit finding remediation plans, while minimizing the impact on the business.
10. Conduct follow-up reviews of any deficiencies noted during audits.
Customer Touchpoints
11. Attend client audits to respond to queries related to assigned Compliance program(s).
12. Respond to/review customer RFI/RFP and security questionnaires.
Qualifications
13. 2+ years of compliance experience in a Governance, Risk, Compliance function
14. 2+ years of experience in a technical role (IT or software development) preferred in Healthcare Industry
15. Basic knowledge of NIST and/or ISO standard framework
16. Resourceful in an ambiguous environment
17. Exceptional problem solving and communication skills
18. Top notch organizational and time management skills
19. Desire to continuously improve the business and one’s own knowledge
20. Knowledge of current Governance, Risk and Compliance (GRC) technological tools and methodologies
21. Understanding of GRC tooling and platforms, experience with Atlassian products and/or SharePoint in the delivery of documentation
22. Knowledge of US and international regulations and laws related to IT-related compliance standards within the financial services industry is a plus
Certara bases all employment-related decisions on merit, taking into consideration qualifications, skills, achievement, and performance. We treat all applicants and employees without regard to personal characteristics such as race, color, ethnicity, religion, sex, sexual orientation, age, nationality, marital status, pregnancy, physical or mental condition, genetic information, military service, or other characteristic protected by law.