Auditor II – CISA, CRISC, CISSP, Auditing Cyber Security and Infrastructure

at Resiliency LLC
Published November 10, 2022
Location Boston, MA
Category Default  
Job Type Full-time  

Description

RESPONSIBILITIES:

  • Strategic Control Impact - Identifies meaningful issues in which controls are not accurately designed or are not operating optimally. Assesses the risk and control environment for processes within coverage areas. Work closely with auditees to verify timely progress and completion of agreed upon issue closure, under the mentorship of a supervisor. Understands the financial services industry and risk and control environment for coverage areas and identifies new risks.
  • Audit Execution - Assists Audit Manager with the execution of audit planning, fieldwork, and reporting. Completes risk-focused fieldwork on time and within the allocated budget, advising the Audit Manager promptly of issues that arise or when budgets or timelines are at risk. Understands and performs root cause analysis for issues. Possesses and demonstrates a strong understanding of audit techniques.
  • Quality Process - Demonstrates a proven understanding of our policies, procedures, and documentation standards. Independently prepares work papers that fully comply with IAD policies and procedures. Participates in continuous improvement initiatives. Aligns risk and control processes into day-to-day responsibilities to supervise and mitigate risk; escalates appropriately.

QUALIFICATIONS:

  • Minimum 2+ years of related experience
  • Bachelor's degree preferred or equivalent experience
  • Certifications related to the candidate's coverage responsibilities are beneficial, but not required, such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP).
  • Previous job experience for IT Auditors can vary to meet the department's goal of having a team with diverse perspectives and work experiences.
  • Capable of identifying, assessing, and advising on risks for large-scale technology projects, IT general controls and completing IT process audits (e.g., SDLC, Organizational Change, Logical Security, Business Continuity/Disaster Recovery, and Incident/Problem Monitoring).
  • Proficiency in auditing cyber security and infrastructure components is a plus (e.g., Mainframe, Unix/Linux, Windows).
  • Salary: $81,000 - $90,000 per annum
Drop files here browse files ...