Cybersecurity Audit Analyst

Charlotte, VT - USA

Monthly Salary: Not Disclosed

Posted on: 2 days ago

Vacancies: 1 Vacancy

Job Summary

Description

The Team: The Cybersecurity team is a growing group within the Hearst Internal Audit Department dedicated to providing independent and objective assurance over the organizations cybersecurity risk management and control environment. The team partners with business units and technology stakeholders to assess risk strengthen controls and support continuous improvement across Hearsts diverse global portfolio.

Responsibilities

Job Description/Key Responsibilities:

Assist in the planning and execution of cybersecurity and IT audits under the direction of audit leadership including walkthroughs control testing and evidence evaluation.
Perform testing of security controls related to access management vulnerability management change management incident response and thirdparty risk.
Document audit procedures results and conclusions in accordance with Internal Audit standards and methodologies.
Identify control gaps and potential risks escalating observations to senior team members with supporting evidence.
Support risk assessments and audit scoping activities by gathering background information on systems processes and technologies.
Participate in meetings with business and technology stakeholders to understand processes and validate audit observations.
Track remediation activities and assist in followup testing to validate corrective actions.
Leverage AI-enabled tools and automation to enhance audit efficiency including data analysis documentation risk identification and research activities while applying professional judgment to validate outputs.
Stay current on basic cybersecurity concepts emerging threats and industry standards to continuously build technical and audit knowledge.

Qualifications

Preferred Knowledge and Skills:

Foundational Cybersecurity Knowledge: Understanding of core security domains such as identity and access management network security vulnerability management and secure system configuration.
Audit & Risk Mindset: Familiarity with internal audit concepts risk assessment and control testing methodologies.
Framework Awareness: Working knowledge of cybersecurity and IT frameworks such as NIST CSF ISO 27001 COBIT or CIS Controls.
Analytical Skills: Ability to analyze evidence identify inconsistencies and clearly document findings.
Communication Skills: Ability to communicate effectively with audit team members and stakeholders both verbally and in writing.
Collaboration & Learning Orientation: Willingness to learn accept feedback and work collaboratively within a team environment.

Required Qualifications:

36 years of experience in IT audit cybersecurity information security or a related technical field.
Bachelors degree in Information Systems Computer Science Cybersecurity related discipline or relevant military IT cyber operations or intelligence experience providing equivalent technical and operational expertise.
Prior experience with a Big Four public accounting firm (Deloitte PwC EY or KPMG) typically 24 years with a focus on IT audit cybersecurity or technology risk.
Active professional certification required: CISA Security and/or CISSP.
Strong understanding of enterprise technology environments security controls and risk management concepts.
Ability to operate effectively in a multinational corporate environment and collaborate with diverse technical and business stakeholders.
Willingness and ability to travel domestically and internationally up to approximately 2530% as part of audit activities.
Fluent in English.

We operate a hybrid work environment. During weeks of non-travel 3 days a week in the Charlotte NC office is required.

Required Experience:

DescriptionThe Team: The Cybersecurity team is a growing group within the Hearst Internal Audit Department dedicated to providing independent and objective assurance over the organizations cybersecurity risk management and control environment. The team partners with business units and technology sta...

Description

Responsibilities

Job Description/Key Responsibilities:

Assist in the planning and execution of cybersecurity and IT audits under the direction of audit leadership including walkthroughs control testing and evidence evaluation.
Perform testing of security controls related to access management vulnerability management change management incident response and thirdparty risk.
Document audit procedures results and conclusions in accordance with Internal Audit standards and methodologies.
Identify control gaps and potential risks escalating observations to senior team members with supporting evidence.
Support risk assessments and audit scoping activities by gathering background information on systems processes and technologies.
Participate in meetings with business and technology stakeholders to understand processes and validate audit observations.
Track remediation activities and assist in followup testing to validate corrective actions.
Leverage AI-enabled tools and automation to enhance audit efficiency including data analysis documentation risk identification and research activities while applying professional judgment to validate outputs.
Stay current on basic cybersecurity concepts emerging threats and industry standards to continuously build technical and audit knowledge.

Qualifications

Preferred Knowledge and Skills:

Foundational Cybersecurity Knowledge: Understanding of core security domains such as identity and access management network security vulnerability management and secure system configuration.
Audit & Risk Mindset: Familiarity with internal audit concepts risk assessment and control testing methodologies.
Framework Awareness: Working knowledge of cybersecurity and IT frameworks such as NIST CSF ISO 27001 COBIT or CIS Controls.
Analytical Skills: Ability to analyze evidence identify inconsistencies and clearly document findings.
Communication Skills: Ability to communicate effectively with audit team members and stakeholders both verbally and in writing.
Collaboration & Learning Orientation: Willingness to learn accept feedback and work collaboratively within a team environment.

Required Qualifications:

36 years of experience in IT audit cybersecurity information security or a related technical field.
Bachelors degree in Information Systems Computer Science Cybersecurity related discipline or relevant military IT cyber operations or intelligence experience providing equivalent technical and operational expertise.
Prior experience with a Big Four public accounting firm (Deloitte PwC EY or KPMG) typically 24 years with a focus on IT audit cybersecurity or technology risk.
Active professional certification required: CISA Security and/or CISSP.
Strong understanding of enterprise technology environments security controls and risk management concepts.
Ability to operate effectively in a multinational corporate environment and collaborate with diverse technical and business stakeholders.
Willingness and ability to travel domestically and internationally up to approximately 2530% as part of audit activities.
Fluent in English.

We operate a hybrid work environment. During weeks of non-travel 3 days a week in the Charlotte NC office is required.

Required Experience:

Key Skills

Auditing
Microsoft Office
Communication skills
Computer Skills
GAAP
Accounting
Analysis Skills
Research Experience
Securities Law
Training & Development
Mentoring
GAAS

Apply Now

About Company

Hearst

Hearst Television (HTV) owns and/or operates 35 television and two radio stations serving 27 media markets across 39 states reaching over 22 million U.S. television households. HTV is recognized as one of the industry's premier broadcasting companies and has been honored with numerous ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click