||Cyber Security Auditor
Analyze overall enterprise security audit readiness and provide recommendations on how effectiveness could be improved to mitigate conditions that could impair future audit preparedness and audit readiness support. Review and evaluate audit findings, make recommendations for audit readiness, contribute to security presentations, and participate in debriefs to represent cyber security interests. Work as a Cybersecurity subject matter expert (SME) and Cybersecurity team member assisting with security awareness training curriculum, form gathering, and other security documentation, as required by Etech Cyber security, conducts security audits of information systems against documented organization security standards as well as ISO 27001, PCI-DSS, HIPPA, and Privacy Shield. Review security controls, tests system technical security configuration settings, reviews system scan results for compliance with documented policy and industry standards, and assists with developing and reviewing compliance reports that clearly identify security findings and proposed remediation strategies, as necessary.
- Analyze overall enterprise audit readiness and provide recommendations on how effectiveness could be improved to mitigate conditions that could impair future audit preparedness and audit readiness support
- Effectively communicate audit procedures and expectations to team members and stakeholders in a timely and clear fashion.
- Liaise with technical security stakeholders on an ongoing basis.
- Set and continually manage technical project expectations with team members and other stakeholders.
- Conduct security audits of information systems against policy/process as defined within Etech documentation and required for ISO 27001, PCI-DSS, HIPPA, and Privacy Shield.
- Plan and schedule security audit timelines
- Determine the frequency and content of audit reports, analyze results, and remediate problem areas.
- Review and evaluate audit findings and make recommendations on improving security and audit preparedness
- Create audit remediation plans along with members of the cyber security and technical teams and establish timelines for completion
Formal Education & Certification
- ?University degree in the field of computer science/technology management and/or 2+ years related work experience.
- Certifications in Cyber Security and/or Technology fields a plus.
Knowledge & Experience
- 2 years’ direct work experience in a technical environment
- Familiarity with security audit and/or standard audit practices
- Ability to conduct technical security audits for complex information systems
- Ability to analyze information systems and technical specifications against defined security control standards and identify deficiencies and remediation strategies
- Experience with network security, vulnerability management, incident response
- Knowledge of emerging cyber security trends
- Familiarity with Change Management practices
- General knowledge of network system Functionality (Firewalls, Switches, Routers, etc.)
- Database and operating systems experience with Microsoft products a plus.
- Technically competent with various software programs, such as Microsoft Office products, SQL, etc.
- Familiarity with security software such as Anti-Virus, Anti-Malware, Web Filtering Technology, Encryption methods and standards
- Familiarity with industry security standards such as ISO 27001, PCI-DSS, HIPPA, Privacy Shield, etc. a plus
- Experience at working both independently and in a team-oriented, collaborative environment is essential.
- Can conform to shifting priorities, demands and timelines through analytical and problem-solving capabilities.
- Reacts to project adjustments and alterations promptly and efficiently.
- Flexible during times of change.
- Ability to read communication styles of team members and contractors who come from a broad spectrum of disciplines.
- Persuasive, encouraging, and motivating.
- Ability to elicit cooperation from a wide variety of sources, including upper management, clients, and other departments.
- Possession of excellent analytical skills
- Strong written and oral communication skills.
- Strong interpersonal skills.
- Adept at conducting research into project-related issues and products.
- Must be able to learn, understand, and apply new technologies.
- Customer service skills a must.
- Ability to effectively prioritize and execute tasks in a high-pressure environment is crucial.
- Sitting for extended periods of time.
- Dexterity of hands and fingers to operate a computer keyboard, mouse, and other devices and objects.
- Physically able to participate in training sessions, presentations, and meetings.
- Travel may be required for performing site audits, meeting with clients, stakeholders, or off-site personnel/management.
- Must be able to pass a background check.