Risk Services - Cyber Security Audit Associate

Job Description & Summary 

Our Risk Services team partners with clients to analyze, assess, and address a wide range of risks, providing insights and assurances that are invaluable in today's high-risk business environment. We focus on building trust in digital and technology-enabled businesses, addressing issues such as data loss or misuse, market adaptability, system and process implementation, and third-party risk management. 

Join our Technology Risk Services and be part of a dynamic, global community of problem-solvers dedicated to building trust in society and tackling critical challenges. We value diversity and encourage innovative thinking, empowering our team members to lead with inspiration, challenge assumptions, and embrace new opportunities to deliver outstanding results with the aid of advanced technology. 

As part of the Cybersecurity & Data Privacy team, you will help clients enhance their security posture through services such as cybersecurity risk assessments, IT security testing, and technology regulatory compliance reviews. 

Your responsibilities:  

• Collaborate with the team to deliver comprehensive cybersecurity services to clients. 

• Assist in the planning and execution of technology and cybersecurity audits. 

• Collaborate with client’s teams to gather necessary audit evidence and documentation. 

• Evaluate the design and operating effectiveness of IT controls related to data security and cybersecurity  etc. 

• Identify potential risks, vulnerabilities, and areas for improvement within IT systems and processes. 

• Prepare clear and concise audit reports, including findings and recommendations for management. 

Exposure includes: 

• Conducting compliance reviews against technology standards and regulations such as CSA Cybersecurity Codes of Practice (CSA CcoP), ISO27001, and others. 

• Participating in cyber simulation exercises. 

• Supporting projects aimed at enhancing clients' cybersecurity posture, such as cybersecurity risk assessments and architecture security reviews. 

Required Skills: 

• A degree in Computer Science, Computer Engineering, Information Technology, or a non-IT degree with a focus on cybersecurity from reputable local or international universities. 

• Basic understanding of cybersecurity principles and IT audit frameworks (e.g., NIST, ISO 27001/2, COBIT). 

• Certified Information Systems Auditor (CISA) certification preferred 

• Strong analytical and problem-solving skills 

• Excellent written and verbal communication skills 

• Ability to work independently and as part of a team 

• Keen attention to detail and a commitment to accuracy 

• Familiarity with common IT audit tools and techniques is preferred