Request Technology-Stephanie Baker/Neenah, WI

Prestigious Enterprise Firm is seeking IT Compliance and Audit Specialists to create, manage, and facilitate a risk and compliance program to ensure controls are properly designed, implemented and executed.

Collects an inventory of all information assets (applications, data, and all supporting services and infrastructure), analyzes threats and vulnerabilities to determine inherent risk to information assets, designs and evaluates controls as driven by policies, standards and other authoritative sources to mitigate risk, and measures residual risk to report risk posture. Develops a risk-based plan to validate the effectiveness of controls to ensure is not taking excessive risk. Works with business units, functional teams, third parties, and ITS to ensure we are meeting policy-driven requirements. Optimizes controls by sharing and teaching our customers while gathering feedback on where changes to policies may be needed.

This person must have the ability to think strategically about risks to the enterprise and tie those risks to tactical organizational activities, bridging business and technology acumen. This person has detailed knowledge of control requirements (access control, change control, business continuity and disaster recovery, operations), control evaluation techniques, and technical depth in their area of responsibility. Must be able to effectively communicate risk and control issues with all levels of the organization, from people responsible for the execution of controls to the ITS leadership team and CIO.

Liaison with internal and external auditors and regulators. Manage and/or consult on small to large control implementation and remediation efforts for current and new IT solutions.

Works with minimal supervision, and able to drive results in a matrixed organization. Proven understanding of risk assessment methodologies, frameworks, and procedures such as NIST Cyber Security Framework, NIST SP800-53, COBIT, ISO27001.

Qualifications

Undergraduate Degree or Master's Degree

5+ years Professional experience

3+ years IT Audit or IT Security experience

Experience in Windows and Active Directory

DESIRED CERTIFICATIONS:

SAP Audit experience

Security Designation(s): CISSP, CISM, CISA, CIIP

Employment Type: Permanent
Work Hours: Full Time

Pay: $90,000 to $110,000 USD
Pay Period: Annual
Other Pay Info: bonus

Apply To Job