This role will be responsible for performing risk assessments and internal audits, including associated tasks (e.g., risk assessment, data collection and filing, issue/risk log, timely reporting of results, etc.). The activities include working with cross-functional teams to ensure the appropriate design and effectiveness of Cornerstone controls, coordinating internal assessments/audits, contributing to policy and standards updates, responding to customer assessment/audit requests, and producing risk/audit/compliance reports, metrics, scorecards and dashboards.
In this role you will...
- Work closely with the global Security and Compliance Team to implement security standards across the organization
- Perform IT audits, security compliance and risk assessments in all areas of the organization in line with the global Internal Audit schedule
- Ensure audit findings and evidence are collected, reviewed, remediated, and presented in a clear and concise manner
- Document quality audit procedures, recommend remediation plans and liaise independently with stakeholders to validate implementation
You've got what it takes if you have...
- More than 3 years of experience in information security, compliance, audit and/or risk management
- Experience performing IT / Information Security audits
- Experience in auditing IT general controls, including logical security, physical security, change and problem management, data backup, and disaster recovery
- Experience performing security risk assessments and developing risk mitigation strategies
- Adequate knowledge of the latest security tools, technologies and control best practices for I&AM, encryption, system hardening, anti-malware, data leakage prevention, IDS/IPS, network architecture security, vulnerability management, etc.
- Experience with major security frameworks (e.g., ISO 27001, SSAE 18, NIST, PCI DSS)
- Exposure to auditing and/or securing leading cloud PaaS technology platforms such as Amazon AWS, Google Cloud and Microsoft Azure
- Maintaining or planning to obtain professional certifications, such as CISA and ISO 27001 Lead Auditor/Implementer
- Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism
- Excellent data analysis, documentation and articulation skills
- Excellent communication, presentation and collaboration skills
- Proficient with Microsoft Word, Excel, Access and other MS Office tools
- Demonstrated commitment to valuing diversity and contributing to an inclusive working and learning environment
- Consideration for privacy and security obligations