POSITION SUMMARY
This role is a high visibility, newly created opportunity. You will focus on reviewing information security processes to access the security posture of the targeted systems. You will evaluate logical and physical security. You will be responsible for the execution of high quality, risk-based audits of technology infrastructure, information security and other Sox 404 audits. The purpose of such audits is to determine the adequacy of controls intended to safeguard the company’s assets while restricting access to customer information and assuring reliable recording of transactions.
ESSENTIAL RESPONSIBILITIES
- Assists in the development of tools, training, policies and procedures to support the Information Security audit programs.
- Applies knowledge of latest cyber security industry trends, technology tools and practices to the audit process.
- Applies knowledge of intrusion detection, firewall and vulnerability assessment tools.
- Performs IT security audits related to reviewing controls surrounding effective vulnerability, security event and incident management.
- Ensures adequate attention to risk management and internal controls.
- Understands, analyzes and tests application and system infrastructure controls that manage business risks, including, but not limited to, those over data accuracy, completeness and process, systems development, change management, application or network security and entitlements, production management and technology governance.
- Performs audit test work to include selecting audit samples and obtaining, analyzing and evaluating evidential matter to determine that the auditee’s systems/processes are controlled, operate reliably and are in compliance with the policies and procedures established by Management.
- Prepares audit work papers documenting the procedures performed, documenting results of audit tests and conclusions formed regarding the adequacy of internal controls tested and compliance with those controls.
- Prepares draft report including audit findings and recommendations for audits conducted. Perform follow up procedures to monitor implementation of remediation plans.
- Plans, facilitates and supports outsourced IT audits by third parties.
- Facilitates and supports requests from External Auditor Firm and Bank Examiners.
- Studies and stays current with industry developments and technological advances.
- Regular and predictable attendance is an essential requirement of the position.
- Completes and remains current with all compliance training related to the position.
- Must understand applicable laws and regulations that pertain to the IT audit function for financial institutions and be capable of determining the extent of compliance with those requirements.
NON-ESSENTIAL FUNCTIONS
Manages time reporting for assigned audits.
Performs all other duties as assigned.
EXPERIENCE REQUIRED OR PREFERRED
- Prior internal audit experience in the financial services industry required
- Two (2)+ years of relevant work - Cybersecurity/IT audit required.
- Experience with Azure Cloud environments.
- Experience with vulnerability assessment and penetration tools.
- Experience with Cognos report writer.
- Experience with or knowledge of Cybersecurity frameworks.
REQUIRED SKILLS
- Able to communicate effectively at all levels of an organization and write comprehensive reports which may present issues of a complex and technical nature in simple to understand prose.
- Excellent written and oral communication skills required.
- Analytical and problem-solving skills with attention to detail required.
- Strong PC skills including Microsoft Word and Excel.
- Self-starter, good organization and ability to work on own.
- Ability to handle multiple tasks in a fast-paced environment.
- Ability to meet deadlines.
EDUCATION
Bachelor’s Degree in Computer Information Systems, Computer Science, Cybersecurity or equivalent required.
CERTIFICATION
One or more certifications in the information security field (such as CISA, CISM CISSP) required.
CIA certification is preferred.
TRAVEL REQUIREMENTS
Ability to travel as well as ability to travel overnight, as needed for meetings, projects, seminars, etc.
PHYSICAL DEMANDS
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals to perform the essential functions.
While performing the duties of this job, the employee is required to sit, stand and walk; use hands and fingers to operate keyboard and other office equipment; reach with hands and arms; and talk or hear. The employee is occasionally required to stoop or kneel. The employee may occasionally lift and/or move up to 10 pounds.
EQUIPMENT
MS Office PC, fax, phone and standard office equipment.
Apply Now
Activate JobCopilot
Your email job alert is now active!