Job Description
- This position shall perform cross-functional collaboration with the other members of the information security team, EIT division, and the business to manage the identification, mitigation, resolution and acceptance/deferral of information security risks to the Client organization.
- In addition, provide guidance on mandatory and recommended security and IAM controls to ensure they are appropriately implemented.
- Collaborate with project teams to interpret any security risks found during certification processes; help define mitigating controls and design plans for remediation, or alternatively assist with the exception process.
- Maintain continuity and consistency between all business unit level information protection programs.
- Manage the information security risk identification, mitigation, acceptance, monitoring and reporting processes.
- Collaborate with Governance, Risk and Performance team on metrics and reporting.
- Plan, execute, and manage multi-faceted projects related to risk management, mitigation and response, compliance, control assurance, and user awareness.
- They are focused on developing and driving security strategies, policies/standards, ensuring the effectiveness of solutions, and providing security-focused consultative services to the organization.
- Identity and Access Management (IAM) experience
- Clear understanding of IT audit methodologies.
- Exceptional written and oral communication skills
- Strong attention to detail with an analytical mind and problem-solving skills.
- Ability to use Microsoft products.
- Familiarity with IAM tools.
- Knowledge in auditing, internal audit standards, fraud awareness, professional ethical standards and enterprise risk management (i.e., risk analysis and control assessment)
- Project Management Skills
- Exceptional Soft Skills
- Time Management Skills
- Bachelor's degree in related field preferred.
- 3 years of combined IT audit and security work experience with a broad range of exposure to systems analysis, application development, database design and administration and 1 year of experience with IT security required.
- Desired professional certification in audit and/or technical security areas.