Principal Information Security Auditor/IT Auditor - Remote CA - R1

The Principal Information Security Auditor is responsible for leading, developing and completing integrated internal audits in compliance with departmental and professional standards. Acts as the principal technical leader for auditing complex information security technologies, assessing security frameworks, security and privacy architecture designs, regulatory and business risk management, security and privacy incident management, application and system change control vulnerability management.

Develops IT, cybersecurity and privacy audit programs and special consulting projects leads audit testing and CAP reviews and delivers audit reports to audit management

Lead and/or participate in complex information technology audits of IT areas to assess the adequacy of internal controls and compliance with Company and departmental goals, objectives and standards

Perform and document audit activities utilizing a comprehensive audit approach (policies, procedures, processes, controls and measures) to address financial, compliance, IT and operational risks in accordance with professional standards

Researches and interprets governmental laws, regulations, and compliance requirements for review

Job Specifications

Typically has the following skills or abilities:

Bachelor's degree in management information system or computer science or engineering, or related field or equivalent experience.

6 years of hands-on technical information security/privacy experience.

One existing certification (or equivalent) from each of the following categories, which must be currently maintained and valid.
General Audit Certification: Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified Fraud Examiner (CFE)

IT Audit Certification: Information Technology Infrastructure Library (ITIL), Certified Information Systems Auditor (CISA), Certified in Risk and Information System Control (CRISC), Certified in Risk Management Assurance (CRMA), Certified in Governance of Enterprise IT (CGEIT), Cisco Certified Network Associate/Professional (CCNA, CCNP)

IT Security/Privacy Certification: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Quality Security Assessor (QSA), Payment Card Industry …