Posted 123 months ago
Senior IT auditor
AI Summary
Senior IT auditor Our client who is a Fortune 500 Financial Services Company is looking for talented Senior IT auditors. • Auditingo Perform SOX IT testing for the Company’s operating units.o Formulate recommendations to improve internal control processes, work programs and other SOX compliance efforts, as appropriate.o Follow up on outstanding action points within an agreed timetable and ensure that all issues are closed in a timely fashion.o Scope of audits may include any of the following:
About this role
Senior IT auditor
Our client who is a Fortune 500 Financial Services Company is looking for talented Senior IT auditors.
• Auditing
o Perform SOX IT testing for the Company’s operating units.
o Formulate recommendations to improve internal control processes, work programs and other SOX compliance efforts, as appropriate.
o Follow up on outstanding action points within an agreed timetable and ensure that all issues are closed in a timely fashion.
o Scope of audits may include any of the following:
IT general controls –testing of change management, security administration, computer operations, physical security, and other relevant IT general controls
Information Security – execution of audits to ensure compliance with Information Security standards
Financial Audit Assistance – support financial and operational internal auditors by extracting and analyzing data from financial systems using software tools such as IDEA.
• Business Unit Assistance:
o Provide advisory services to business units relative to the design of application controls and security related controls for system implementations with a view to building in internal controls that are commensurate with the size and complexity of the operations.
o Work on special technology-related projects for business units, as requested.
• Communication:
o Participation in internal planning meetings and regular communications within the Internal Audit Department.
o Regular contact with the VP and SVP of Internal Audit and communication of plans and activities.
o Regular contact with business unit IT management and maintenance of knowledge of business unit plans and strategies.
Qualifications
• BA/BS degree in Management Information Systems, Computer Science, or related field
• 3+ years of working experience in Information Security, IT audit and/or IT SOX Compliance
• Solid operational understanding of Identity and Access Management technologies and methodologies across multilayer and multi-technology networks, system, application and databases.
• Operational knowledge of infrastructure technologies and diverse operating systems (e.g., Virtualization, z/OS, z/VSE, UNIX/Linux and Windows platforms), Network security devices (e.g.,firewalls, intrusion detection and prevention systems, proxies, network taps), and relational databases (e.g., Oracle, Microsoft SQL, AS400, DB2, IBM Mainframe)
• Understanding of Information Security industry auditing tools (e.g., CIS Benchmarking Tool, Rapid 7, Symantec Control Compliance Suite CCS)
• Solid understanding of Backup and Recovery best practices and methodologies as well as the industry technologies utilized (e.g.,NetBackups)
• Conceptual understanding of PCI, ISO/IEC 27000 series, ITIL and COBIT standards, European data protection, IT infrastructure and processes, IT governance, project management, principles of internal controls
• Ability to independently evaluate controls over security processes, infrastructure, network, applications and databases according to established timetables and requirements
• Security and Audit certifications (e.g., CIPP, CISSP, CISM, or CISA) are desirable
Additional Information
65-95k plus bonus