Audit Associate
Audit Associate
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Job Summary:
The Audit Associate is responsible for understanding security requirements to meet industry best practices with a focus on certification and regulatory requirements. As part of this role the Audit associate is responsible for mapping these requirements to security controls and actionable practices across various functions within the company. In some instances this individual will be responsible for designing security controls that best fit our environment while maintaining security compliance. Finally applying automation to as many controls as practicable to ensure ongoing compliance (e.g. evidence collection) and managing compliance programs from a centralized governance management system.
Duties and Responsibilities:
Support our ISO Audits and conduct internal audits and operational audits.
Review the business processes develop and update Risk and Control Matrices (RCM) flowcharts and testing procedures.
Prepare and maintain testing workpapers as well as ensure timely completion of testing Participate in assessing and analyzing the impact of control deficiencies and audit findings; gain stakeholder agreement on root causes of issues and appropriate corrective actions while maintaining positive business relationships.
Perform all phases of applicable audits including planning close meetings and reporting. Assist the Audit Lead and Chief Audit executive and other Stakeholders to identify areas of improvement as well as recommend industrywide best practices.
Desired Skills:
Bachelors degree preferred or equivalent combination
2 years of relevant work experience in ISO and/or Internal Audits.
Big 4 or similar auditing experience is desirable.
Experience in supporting the of ISO program control principles (e.g. COSO) and other internal audits.
Understanding of Information Security and Governance Risk and Compliance (GRC) terms terminology and practices.
Strong communication skills for communicating at various levels in the organization. Familiarity with common technical security controls and control frameworks such as ISO 27001/2/17/18 SOC2 GDPR NIST CSF NIST 80053 among others.
Industry recognized certifications are a plus e.g. COMPTIA etc.
Teamoriented and will promote and change through influence and partnership. Experience clearly articulating information security risk into business terms and presenting to company management.
Detail and team orientated; ability to work both independently and as a team member. Selfstarter ability to proactively problemsolve identify advocate for and execute improvements. Ability to maintain a positive attitude and embrace change thrive in a fastpaced environment.
Required Experience:
IC
Employment Type
Full-Time
