Share this Job

Title:  Director, IT Audit

Requisition ID:  19506-159

Atlanta, GA, US, 30328

Category:  Accounting and Finance
Travel:  No Travel Required



The Director, IT Audit, will be a key member of the Internal Audit Leadership team leading the IT Audit function and  implementing strategic and operational plans related to Internal Audit’s vision, mission, and overall goals and objectives.  The Director will deliver independent, objective assurance and advisory services with a focus on systems, cybersecurity, data privacy and protection, acquisition integration, and financial reporting controls, while managing the IT internal audit team globally (including IT co-source) and supporting the SOX program, as needed. Key liaison with IT leadership, especially IT Risk Management.   This includes assessing risk and assuring Graphic Packaging is positioned to achieve its strategic objectives. The Director will manage the IT internal audit team including IT co-source resources.



JOB FUNCTIONS: Job functions include, but are not limited to the following. 

This position will be responsible for planning, performing, and reporting audit activities related to the Company’s SAP S/4 transformation, IT environment, IT risks, and other IT matters including implementation reviews, audit support, and control design and verification procedures.




PRIMARY RESPONSIBILITIES are, but not limited to the following:


  • This role will help establish IT Governance, Compliance, and Audit strategies throughout the organization
  • Develops and maintains the annual IT internal audit plan, including the risk assessment process
  • The IT Audit Director will be responsible for performing audits and reviews designed to analyze, assess, and strengthen the company’s technological infrastructure and internal control environment
  • The IT Audit Director will be expected to dive deep into the audits and lead from the front while also effectively influencing at all levels and working with stakeholders in a fast-paced environment
  • Specific areas of audit focus include, but are not limited to, IT governance, IT general controls, IT project management, IT infrastructure management, software development lifecycle, application security, application controls, emerging information security and cybersecurity risk, cloud architecture, and controls related to applications hosted in the cloud, data lifecycle management, data privacy, disaster recovery, and business continuity
  • Manage technology audits and the IT SOX compliance program, including the review of walkthroughs and testing of the operating effectiveness of controls and reporting
  • Participates in project management activities such as system pre-implementation and/or business process enhancements/re-engineering, where warranted and applicable, and provides value-add advice and insights.
  • Provide the technical understanding of SAP configurations as it relates to the design, development, and testing of automated controls
  • Provide design assistance and testing on identity access management tool implementation
  • Work closely with the company’s external auditor; provide appropriate support to the external auditors in the performance of walkthroughs, as well as IT related dependencies
  • Establish yourself as a trusted advisor to IT leadership and provide advice over relevant SAP considerations
  • Continuously improve internal audit approaches, tools, methodology and productivity





  • Minimum of a bachelor’s degree in Computer Science, Information Systems, Engineering, Information Technology, or Management Information Systems
  • Minimum 10 years of information technology experience
  • 5 years of proven experience in the design, testing, and implementation of business process controls and ITGCs in an SAP S/4 HANA environment, including both SAP automated and manual controls
  • 3 years of working with segregation of duty frameworks and associated mitigating controls
  • 3 years of leading projects, managing budget, and resource management
  • Understands and applies The IIA’s International Standards for the Professional Practice of Internal Auditing, COSO 2013, ISACA’s COBIT 5, Sarbanes-Oxley Act, etc.
  • Overall understanding of SAP and knowledge of SAP GRC Process Control or other similar compliance tools
  • General knowledge of ITGCs and networks
  • Knowledge of Cyber domains such as Cyber Governance, Application Security, Controls and Compliance, Data Privacy and Protection, Infrastructure Security, Identity and Access Management, Monitoring and Response; and Operational Security
  • Available for potential domestic and international travel (10%-25%)



  • General schedule is an 8-hour M-F assignment, however, employee must be willing to work alternate schedules occasionally; that may include early mornings, nights, and/or weekends and be punctual while doing so. 




  • Sitting or standing for extended periods of time up to 8-hours.
  • Occasional Lifting up to 20 lbs.
  • Reading computer screen or other electronic devices.
  • Use of various office hand and electrical tools or equipment.


Required Experience

At Graphic Packaging International, we produce the paper cup that held your coffee this morning, the basket that transported those bottles of craft beer you enjoyed last weekend, and the microwave tray that heated your gourmet meal last night. We’re one of the largest manufacturers of paperboard and paper-based packaging for some of the world’s most recognized brands of food, beverage, foodservice, household, personal care and pet products. Headquartered in Atlanta, Georgia, we are collaborative, diverse, innovative individuals who create inspired packaging while giving back to our communities. With over 25,000 employees working in more than 130 locations worldwide, we strive to be environmentally responsible in our industry and in the communities where we operate. We are committed to workplace diversity and offer compensation and benefits programs that are among the industry’s best to reward the talented people who make our company successful. If this sounds like something you would like to be a part of, we’d love to hear from you. Learn more about us at

Inspired Packaging. A World of Difference.

Graphic Packaging is an Equal Opportunity Employer. All candidates will be evaluated on the basis of their qualifications for the job in question. We do not base our employment decision on an employee's or applicant's race, color, religion, age, gender or sex (including pregnancy), national origin, ancestry, marital status, sexual orientation, gender identity, genetic identity, genetic information, disability, veteran/military status or any other basis prohibited by local, state, or federal law. Click here to view the Poster, EEO is the Law.

Nearest Major Market: Atlanta

Job Segment: Testing, Cloud, Internal Audit, Information Systems, ERP, Technology, Finance