Information Security Auditor

US-IL-Schaumburg
1 month ago
Job ID
2017-1248
Subsidiary
Ceannate
Category
Information Security

Overview

The Information Security Auditor’s primary job role is to reduce risk to all Ceannate Corp and its subsidiaries’ information security by managing and maintaining all aspects of confidentiality, integrity, and availability of Ceannate Corp’s information assets. Ideal candidate should have proficient technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, Identity and Access Management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools; Hands on auditing experience, security framework and auditing methodologies is a must.

Responsibilities

  • Participate in all aspects of the IT audit, IT risk assessment, controls analysis and IT review process including planning, control analysis, testing, reporting, and making/writing recommendations.
  • Assist with oversight of the Information Security program, third party risk assessments.
  • Develop and run the Vender Assessment Program.
  • Perform triennial onsite vendor assessments auditing against FISMA/NIST, PCI DSS, SSAE18 and other requirements.
  • Perform an annual vendor documentation assessment auditing against FISMA/NIST, PCI DSS, SSAE18 and etc. requirements.
  • Manage the interface between Company and vendor management for the Service Organization Control (SSAE 18 SOC 1&2), PCI-DSS, FISMA/NIST and other compliance initiatives, including providing requested audit inputs
  • Stay abreast of the current IT environment and industry IT trends relevant to the company's IT activities.
  • Use technology and tools to enhance the effectiveness of deliverables and services.
  • Conduct audits and reviews in accordance with professional standards and within professional guidelines.
  • Experience in auditing Information Networks, Systems such as Windows, AS400, Active Directory, etc.
  • Public accounting or control testing experience is a plus.
  • Complete and deliver complex security reports to management in business terms.
  • Complete and deliver findings reports to vendor management, lessons learned.
  • Work with vendor to determine remediation plan.
  • Assist in maintaining Information Security Document Library
  • Assist with the achievement of PCI, SSAE and FISMA certification
  • Perform additional duties as assigned

Qualifications

Education and Experience

  • Experience in performing information security audits, using auditing tools and framework
  • Experience in network security monitoring, security device administration and management
  • Experience in auditing Network Equipment (switches, firewalls, and routers) and Servers with a detailed understanding of security configurations.​
  • Bachelor’s Degree in an Information Technology or Information Security related field is required.
  • Security certification preferred: CISA, CISSP, etc.
  • Prior security experience in the following areas:
    • Vendor Management
    • Security Policies and Procedures
    • Infrastructure Security
    • Application and Database Security
    • Incident Response program
    • Security Administration
    • Assessments, audits and certifications

Language Skills:

  • Ability to read, write and speak English proficiently

Physical Demands: The physical demands describe here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential function.

  • Specific vision requirements include the ability to see at close range, distance vision, peripheral vision, depth perception, and the ability to adjust focus
  • While performing the duties of this job, the employee is regularly required to talk and hear
  • Possess the ability to fulfill any office activities normally expected in an office setting, to include, but not limited to: remaining seated for periods of time to perform computer based work, participating in filing activity, lifting and carrying office supplies (paper reams, mail, etc.)
  • Frequently required to stand, walk, sit, use hands to feel, and reach with hand and arms
  • Occasionally lift and/or move up to 20-25 pounds
  • Fine hand manipulation (keyboarding)
  • May require occasional travel
  • May require occasional evening and/or weekend work to meet deadlines

Work Environment: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions

  • Internal office
  • The noise level in the environment is typically low

Background Requirements:

  • Drug Test
  • Criminal Background
  • Education and Employment Verification
  • Security Clearance - Public Trust
  • Federal Background Investigation & Fingerprint Check
  • Male applicants born after 12/31/1959 must have registered for the Selective Service.
    • For more information visit www.sss.gov.
  • Sensitivity for this role is 6C

Ceannate Corp is an Equal Opportunity/Affirmative Action Employer
Minority/Female/Disability/Veteran

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed