Job Description

One of America's most recognized companies, Union Pacific Railroad is building America for all generations by connecting our nation's businesses and communities to each other and the world. Union Pacific provides value to its roughly 10,000 customers by delivering products in a safe, reliable, fuel-efficient, and environmentally responsible manner. The railroad's diversified business mix includes Agricultural Products, Automotive, Chemicals, Coal, Industrial Products, and Intermodal. Union Pacific is powered by the best employees in the industry, moving the railroad further than it's ever been before. We work together, embrace diversity, and create opportunity for all. We promote an inclusive environment where people from varied backgrounds can be their best, reflect the communities where we live and work, and deliver a competitive advantage.

In 2021 Union Pacific received the following Awards:

50 Out Front Best Place to Work for Women & Diverse Managers by Diversity MBA
Gold Medallion Winner by HIRE Vets
Top 50 companies for Diversity Noteworthy List by Diversity Inc

The Team:

The Finance Department plays an integral role in all strategic decisions at Union Pacific. Finance employees see more than just numbers when they look at data. They create compelling stories based on patterns and trends. Our employees are constantly challenged to learn new technology and new ways of thinking. The Audit team is responsible for the overall strategy for planning and executing cyber / IT assurance audits with an emphasis on cybersecurity.

What we Offer:

A strengths-based, engagement-focused and performance-oriented culture
A flexible, casual and hybrid work environment that allows you to work on-site and from home up to 50%
Ongoing learning, development and rotational opportunities and Educational Assistance (including little to no out-of-pocket cost for online and in-person courses at the University of Nebraska at Omaha)
401(k) with 100% match up to 6%, plus additional automatic 3% (contribute 6% and UP will contribute 9% [6% + 3%])
Employee Stock Purchase Plan with 40% match up to 5% (contribute 5% and UP will contribute 2%)
Medical, dental and vision insurance, company-paid disability, life, and AD&D insurance
Health Savings Account (with company contribution) Dependent Care Savings Account and Transportation Spending Account
On-site cafeteria (with employee discount), fitness center (free to employees), federal credit union
Wellness and Employee Assistance Programs
Adoption/Surrogacy Assistance, paid Maternity and Parental Leave along with nearby state-of-the-art child development center
Competitive compensation including eligibility for annual merit, bonus, and equity programs dependent on job level and personal and company performance
The annual base salary range for this position is $115,500-$154,000 (Director), $132,375-$176,500 (Sr Director). Base pay offered will vary depending on job-related knowledge, skills, and experience

Key Job Responsibilities:

This position supports the execution and deployment of the audit strategy consistent with the Corporate Audit and Audit Committee charters. This responsibility includes setting the strategy for selecting audit subjects, setting audit frequencies, determining the scope of audit work, allocating resources to audit assignments and applying appropriate steps to accomplish audit objectives in an effort to achieve Corporate Audit's objectives and goals. The incumbent presents audit results to the CEO, CFO and Controller as well as the Audit Committee of the Board of Directors.

Accountabilities

Execute and refine the overall Cyber/IT audit strategy to ensure audit coverage aligns with Company strategy and incorporates consideration of new and emerging cybersecurity risks
Provide oversight and guidance during the execution of cyber audits to ensure testing is sufficient to provide reasonable assurance aligned with reputable frameworks (e.g., CIS Controls, NIST CSF, COBIT, etc.)
Manage and lead external relationships with co-sourced cybersecurity/audit resources and external consultants as needed
Develop audit plans that focus on stakeholder alignment by listening to customer needs
Lead teams and develop audit processes that focus on quality audit standards by applying experienced knowledge of Union Pacific and Institute of Internal Audit (IIA) standards
Provide team environment to foster growth and development of talent management through individually coaching and feedback sessions with audit team members
Execute engagement level risk assessments to focus on the highest risk areas in combination with creation of audit testing procedures that produces unique value added assurance
Provide independent assurance to the Board of Directors that internal controls are sufficiently mitigating risk to achieve business objectives. Engage with management to ensure audit issues are responded to with an appropriate action plan and validate management's implementation of action plan has occurred timely
Support General Auditor (Chief Audit Executive) in managing the Corporate Audit department as a member of the audit senior management team by leading initiatives and providing input on strategic department decisions
Lead strategic initiatives & advise team members, including supporting Quality Assurance Improvement Program (QAIP) team and consulting engagements
Perform all other duties as assigned

Qualifications

Required

A Bachelor of Science degree in MIS, Computer Science, Computer Engineering, Cybersecurity, or related field. Additional degrees may be considered if candidate has work experience in cybersecurity or cyber/IT audit
6 or more years of work experience with preference for 8+ years (Director) and 8 or more years of work experience with preference for 10+ years (Sr Director)
Advanced verbal and written communication skills
Solid understanding of cybersecurity frameworks (NIST CSF, CIS Controls), control objectives, cyber threats and vulnerabilities

Preferred

Audit, Cybersecurity and/or related professional certification(s)
2 or more years of work experience managing employees with preference leading a staff of cybersecurity or audit professionals
5 or more years of work experience in the area of Cybersecurity or IT Audit
Experience implementing or assessing cybersecurity against the CIS or NIST CSF framework
2 or more years of work experience with one or more scripting languages: Perl, Python, PowerShell
Master of Business Administration or other Masters level degree

Work Conditions

18 years of age or older