Job
Description
As Cyber Security Auditor, Duties Will Include Understand engagement objectives and assist the audit lead in preparing the plan and testing procedures to meet the review objectives Gather detailed understanding of relevant IT and business processes systems and controls. Leading performance of risk assessments and controls evaluations. Identify areas to leverage data analytics Perform engagements in accordance with the planned scope/risk areas. Assist in tracking and reporting project status and milestones. Ensure that work paper documentation is of the highest quality and adheres to the client's standards Driving discussions/agreements on detailed audit findings with the audit team and management prior to the final report issuance to ensure clear understanding and consideration about the noted issues and the related actions to be implemented Formulate risk assessments on complex systems, applications, and networks Create Business Impact Analysis (BIA), Risk Assessment (RA), and Corrective Action Plan (CAP) documentation for all systems Develop recommendations to increase security posture Communicate recommendations to stakeholders Identify both process and technical security deficiencies and vulnerabilities Audit Planning Risk Assessment Evaluate Risk Participate in organizational projects, as required Determine an appropriate strategy for related information security policy, standards, and procedures Validate all data sources are reporting and resolves missing sources Policy and Standards development Identify internal/external threats Proactively review the IT Security stack to better protect the organization and leverage resources Work with IT team to develop IT procedures and the policies around risk management Proactively identify areas to improve auditing coverage and processes Provide guidance, training, and awareness to the client and different stakeholders Desired Qualifications Bachelor’s degree in computer science, Engineering, Cyber Security, or a directly related field or previous related work experience and cyber security certifications (CISSP, CISM, Security+, CEH, Azure Security Engineer, CSFA) CISA required or willing to obtain within 3 months of employment Previous work experience and other related Cyber Security Certification (CISSP, CISM, Security+, CEH, CSFA, GSEC) 5+ years working in the Cyber Security field 2+ years of external or internal audit experience in IT systems Experience in Identity and Access Management, Infrastructure Security, Application Security, Data Governance and Security Experience in Cloud Security Experience in Third Party Risk Management Ability to work independently across multiple organizations Show more Show less
