Description

• Participate in Information Technology (IT), Cyber Security, Information Security, vulnerability assessments, Social Engineering, electronic banking, and vendor management audits of financial institutions’ control environments by assisting the IT audit team with the planning, administration, and execution of audits. 
• Assist in providing Information Security Officer services (vISO). 
• Perform testing procedures to identify areas for improvement of processes and controls and develop recommendations based on identification of potential risks relevant to the client. 
• Perform internal testing of IT controls for FFIEC, SOX, and ISO Compliance in accordance with IT audit standards, guidelines and best practices. 
• Review and test controls in IT systems and functions to ensure integrity and security of company information and continuity of operations. 
• Prepare work papers that are consistent with generally accepted auditing standards, as well as established firm standards. 
• Assist in completion of vulnerability and social engineering assessments.
• Assist in special projects, as required.
• Communicates with client Management in an efficient and effective manner. 
• The ability to oversee senior and staff auditors while performing the more complex portions of audit engagements.
• Review audit field work prepared, and audit issues identified by senior and staff auditors as assigned and provide review/coaching feedback.

Requirements

• Bachelor’s degree in management information systems, Business, or Accounting with an emphasis in Technology, Computer Science, Cyber Security, or Accounting Information Systems. 
• 5 years of IT audit experience or IT experience; related experience in the financial services industry a plus. 
• Maintain an applicable certification (CISA, CISSP, CEH, CIA, etc). 
• General understanding of information systems auditing, IT control framework, information security, IT general controls, application controls, and information systems terminology, concepts and practices. 
• Understanding of auditing standards and best practices, government guidelines and laws. (e.g., FFIEC, Sarbanes-Oxley Act). 
• Maintain an understanding and experience reviewing / performing reviews around Windows, Microsoft 365, networking, and other technical areas. 
• Must demonstrate strong communication and interpersonal skills to deal with a diverse client group.
• Solid strategic and analytical thinking approach with an emphasis on risk awareness. 
• Ability to successfully manage multiple assignments simultaneously and oversee/manage assigned staff
• Strong verbal and written communication skills.
• Capable of working with multiple clients and projects. 
• Ability to conceptualize, apply, analyze and/or evaluate information generated by observation, experience, reflection, reasoning, or communication actively and skillfully.
• Proficient user of Microsoft Office (Excel, Word, and PowerPoint) and Adobe Acrobat. 
• Experience utilizing Nessus, Kali Linux, and other security assessment tools, a plus. 
• Experience with IDEA Data Analysis, a plus. 
• Willingness to travel a must – daily regional travel and periodic overnight travel.