- Manages third-party risk assessments for IT-related processes and systems ensuring adherence to security requirements.
- Assesses and interprets third-party documents and other pertinent source documents as necessary to support testing requirements and audit processes.
- Monitors open third-party security issues and remediation actions associated with security control gaps to ensure timely closure.
- Assists in developing policies, procedures and processes based on audit findings.
- Works across the Information Security team to ensure timely completion of client audit questionnaires.
- Answers client audit requests with a high degree of accuracy.
- Improves processes and procedures related to audit and client assurance.
- Prepares for and completes certification audits such as ISO 27001, ISO 22301, SOC 2.
- Assists with the development of action plans related to at-risk areas.
- Identifies improvement opportunities and provides recommendations to mature existing IT processes and controls in alignment with best practices.
- 2-3 years of progressive experience, ideally in a corporate setting, in one or more of the following areas: IT Audit, IT Risk Management, Information Security, or IT Governance.
- Experience with performing technical risk assessments, analyzing risk, and providing recommendations on risk mitigation strategies in cloud and on-premises environments.
- The ideal candidate has experience as an Information Systems auditor, preferably as an auditor at a firm that does ISO or SOC certifications.
- Background in planning, scoping and managing audits in an ISO 27001 environment.
- Strong verbal and written communication skills in interacting with technical and non-technical individuals across the business and third parties.
- A highly collaborative mindset with a strong desire to work closely with the business, development and technical operations teams.
- Bachelor's degree from an accredited college/university.
- Must possess and maintain one or more of the following industry recognized cybersecurity certifications: CISA, CISSP, CRISC, CISM or equivalent.
- ID: #40291981
- State: New York, New York City 10019, USA
- City: New York City
- Salary: Depends on Experience
- Job type: Permanent
- Showed: 2022-05-05
- Deadline: 2022-07-03
- Category: Et cetera