Presidio
Presidio is a global digital solutions and services provider delivering software-defined cloud, collaboration and security solutions to customers of all sizes.
SEIZE THE OPPORTUNITY TO BE A PART OF SOMETHING GREAT!
Presidio is on the leading edge of a technology-driven movement to transform the way business is done for our customers and our customers' customers. Joining Presidio means immersing yourself in a culture of self-starters, collaborators, and innovators who make real, lasting change in the marketplace via cutting-edge technology and business solutions. At Presidio, we know that it’s our people that make the connections happen.
WHY YOU SHOULD JOIN US? You will set your career on track for outstanding achievement with a company that knows no limits. Presidio is a leading global digital services and solutions provider focused on Digital Infrastructure, Business Analytics, Cloud, Security & Emerging solutions.
THE ROLE: Internal IT Auditor
Job Summary:
As an Internal IT Auditor, you will oversee and manage the Internal Audit Program, providing leadership in conducting complex information security and continuous audits while delivering technical expertise and guidance to the team. Facilitate audit and examination activities for external auditors and lead audit programming and data extraction efforts. Advise on high-impact operational audits, ensuring alignment with federal, state, and internal compliance standards. Administer audit systems and applications to support organizational privacy policies, identify and address process gaps, and recommend improvements in information security, privacy, and other critical areas.
Job Responsibilities:
1. Direct comprehensive information security audits, ensuring accuracy and precision.
2. Lead consulting engagements to conduct vulnerability assessments and penetration testing, identifying and addressing infrastructure security weaknesses.
3. Strategically plan regular information security audits based on business needs and emerging risks, covering cloud services, vendor management, new technologies, and ongoing projects.
4. Ensure project managers establish clear security control expectations for each project, including audit goals, planning activities, stakeholder engagement, and scope.
5. Supervise internal audit projects, resolving issues as they arise and ensuring timely completion.
6. Review and validate audit reports, confirming that findings and recommendations are sound and practical.
7. Gather feedback from senior management post-audit to ensure findings are appropriately addressed within required timeframes.
8. Manage remediation processes, verifying closure of audit findings to maintain compliance and risk mitigation.
9. Manage systems and tools that improve audit efficiency, including continuous auditing methodologies.
10. Monitor regulatory changes and industry trends, informing senior management of relevant updates in audit practices.
11. Provide consultative support for system, product, and process development, advising on structure, controls, and solutions.
12. Drive change management and process improvement, collaborating to align with business objectives.
13. Communicate effectively with internal stakeholders and partners to ensure alignment and successful audit results.
14. Support the design, implementation, and continuous testing of controls to protect organizational data.
15. Assist in audit reviews and testing conducted by internal and external teams.
16. Assess project interdependencies and their impact on the audit program.
17. Collaborate across functions with IT, legal, vendors, and stakeholders to facilitate the Internal Audit program.
18. Perform additional duties to support internal audit and organizational objectives.
Required Skills:
1. Information Security and Risk Management: In-depth knowledge of security protocols, risk assessment, and compliance frameworks like NIST, ISO 27001, and GDPR.
2. Audit Methodology: Expertise in audit principles and standards to conduct thorough and compliant security audits.
3. Technical Proficiency: Skilled in vulnerability assessment, penetration testing tools, and securing infrastructure and applications.
4. Project Management: Strong organizational abilities to efficiently plan, prioritize, and oversee audit projects.
5. Analytical Thinking: Ability to interpret complex data and audit reports, providing clear and actionable insights.
6. Change Management: Proficiency in leading and managing change and process improvement initiatives within the organization.
7. Communication and Interpersonal Skills: Excellent communicator, skilled in engaging stakeholders and presenting findings effectively.
8. Regulatory Awareness: Up-to-date knowledge of regulatory standards and industry trends in cybersecurity and audit practices.
9. Privacy and Data Protection: Familiar with privacy frameworks and skilled in implementing controls to safeguard data.
10. Problem-Solving and Decision-Making: Strong problem-solving skills to address audit challenges and propose practical solutions.
11. Cross-functional collaboration: Adept at working with IT, legal, business units, and external teams to ensure smooth audit execution.
12. Attention to Detail: Precise in evaluating audit findings and confirming adherence to security controls.
13. Continuous Improvement: Skilled in developing programs and databases that enhance audit effectiveness and support continuous monitoring.
14. Adaptability and Learning Agility: Quickly learns and adapts to new audit technologies, tools, and methodologies.
15. Time Management: Effectively manages time to balance multiple priorities and meet deadlines.
16. Stakeholder Engagement: Engages senior management feedback to refine audit processes and ensure compliance.
17. Strategic Planning: Identifies and prioritizes audit focus areas in alignment with organizational goals and emerging risks.
Additional Desired Skills:
1. Cybersecurity Architecture Knowledge: Understanding security architecture to assess network and system vulnerabilities effectively.
2. Cloud Security Expertise: Specialized knowledge in securing cloud environments (e.g., AWS, Azure, Google Cloud) and managing cloud-specific risks.
3. Data Analytics and Visualization: Proficiency in data analysis tools and visualization software (e.g., Power BI, Tableau) to present audit insights compellingly.
4. Coding and Scripting: Basic skills in programming languages (e.g., Python, SQL) to automate audit tasks and analyze security controls.
5. Crisis and Incident Management: Experience handling cybersecurity incidents and managing responses to security breaches.
6. Financial and Compliance Audit Knowledge: Familiarity with financial audit practices or regulatory audits like SOX to integrate with broader audit functions.
7. Artificial Intelligence and Machine Learning Awareness: Knowledge of AI and ML related to emerging security threats and audit practices.
8. Organizational Change Management: Expertise in implementing change management frameworks to integrate new audit practices smoothly.
9. Public Speaking and Training: Skilled in conducting security training sessions and presenting audit results to large audiences or external stakeholders.
10. Psychology of Human Behavior in Security: Awareness of social engineering and human factors in security, practical for audit aspects related to user behavior and phishing.
11. Business Acumen: Understanding the business implications of audit findings to communicate the impact on organizational goals effectively.
12. Legal and Compliance Awareness: Knowledge of legal standards beyond cybersecurity, like data privacy laws or international compliance requirements.
13. Cultural Awareness: Awareness of cross-cultural communication styles for managing international teams or vendors and conducting audits across regions.
14. Emerging Technology Insights: Understand how emerging technologies like blockchain or IoT introduce new risks and considerations for security audits.
Education and Experience:
1. Bachelor’s degree in Information Technology, Information Security, or related field from an accredited institution or equivalent experience.
2. Over 3+ years of experience in the following:
* Demonstrated expertise in project management methodologies and proven ability to efficiently lead and complete complex projects.
* Extensive experience working with teams to ensure compliance with privacy and security regulations such as GDPR, CCPA/CPRA, HIPAA, CJIS, and FERPA.
* Proven background in internal audit, risk management, process improvement, compliance, or front-line control roles.
* Proficient in industry-standard security control frameworks, including SOC, ISO 27001, ISO 27701, PCI, HIPAA, and other frameworks.
* Strong abilities in project prioritization, problem-solving, issue management, and remediation.
* Exceptional written communication skills and strong presentation and public speaking abilities for effectively conveying findings.
* Preferred certifications include CISA, CIPP, CISSP, or similar, indicating advanced industry knowledge.
* Skilled in analyzing large datasets and converting findings into comprehensive audit reports and other metrics.
* Extensive experience in Information Security Risk Management and effective implementation of risk management strategies.
* Expert knowledge of internal security controls and risk-based auditing techniques to drive security compliance.
* Highly skilled in presenting findings and insights to stakeholders, management, and teams for informed decision-making.
* Advanced analytical skills can summarize complex information, identify patterns, and derive meaningful insights.
* Extensive experience in creating, generating, and maintaining accurate data reports, queries, and related documentation.
* Proven ability to collaborate effectively with all levels of staff, management, stakeholders, and vendors.
ABOUT PRESIDIO
Presidio is committed to Diversity, Equity, and Inclusion at the highest levels and has strengthened its drive to build and drive systemic DEI change process across all levels of the organization. Cultivating a culture of inclusion where the expression of all our differences are valued, celebrated, and add to our collective achievements.
Presidio is a global digital services and solutions provider accelerating business transformation through secured technology modernization. Highly skilled teams of engineers and solutions architects with deep expertise across cloud, security, networking, and modern data center infrastructure help customers acquire, deploy, and operate technology that delivers impactful business outcomes. Presidio is a trusted strategic advisor with a flexible full life cycle model of professional, managed, and support and staffing services to help execute, secure, operationalize, and maintain technology solutions. We serve as an extension of our clients' IT teams, providing deep expertise and letting them focus on their core business. Presidio operates in 40+ US offices and offices in Ireland, London, Singapore, and India.
For more information visit: http://presidio.com
#J-18808-Ljbffr