Superior Jobs

 

HYBRID Senior Information Security Auditor

Apply
  • ID: 511043
  • Posted: 8/4/2022
  • Location: Remote, CA
  • Category: IT - Information Technology
  • Job Type: Temporary
  • Duration: 3 - 6 Months

Description

Acara solutions is looking for Senior Information Security Auditor for our client located in HYBRID, CA

  • The Senior Information Security Auditor will perform integrated internal audit and consulting work on information systems and report on the results.
  • Acts as a senior technical advisor for auditing complex information security technologies, assessing security frameworks, security and privacy architecture designs, regulatory and business risk management, security and privacy incident management, application and system change control vulnerability management.
  • Perform and ensure all phases of audits including planning, fieldwork, analysis reporting results and subsequent follow-up procedures are completed and communicated. Participate in special consulting projects as assigned
  • Perform comprehensive audit testing related to IT, cybersecurity and privacy compliance; participate in special consulting projects as assigned.
  • Coordinate and communicate audit results with prepared written documentation and reports.
  • Review corrective action plans and assist in monitoring company's internal control activities and compliance status.
  • Assist in aligning internal controls and compliance requirements with the company's goals and objectives.

Pay and Benefits:

  • The Salary for this position is $ 60.71 per hour (Max Pay rate).
 
Job Requirements

 
Required Skills / Qualifications:
  • Bachelor's degree in management information system or computer science or engineering
  • Minimum 5 years' experience in technical information security/privacy
  • Minimum 5 years' experience in Big 4 or regulatory compliance consulting experience applying risk and threat assessment methodologies with experience across IT, security, privacy and business
Preferred Skills / Qualifications:
  • One existing certification from each of the following categories, which must be currently maintained and valid.
  • General Audit Certification:
  1. Certified Information Systems Auditor (CISA)
  2. Certified Internal Auditor (CIA)
  3. Certified Fraud Examiner (CFE)
  • IT Audit Certification:
  1. Information Technology Infrastructure Library (ITIL)
  2. Certified Information Systems Auditor (CISA)
  3. Certified in Risk and Information System Control (CRISC)
  4. Certified in Risk Management Assurance (CRMA)
  5. Certified in Governance of Enterprise IT (CGEIT)
  6. Cisco Certified Network Associate/Professional (CCNA, CCNP)
  • IT Security/Privacy Certification:
  1. Certified Information Systems Security Professional (CISSP)
  2. Certified Information Security Manager (CISM)
  3. Quality Security Assessor (QSA)
  4. Payment Card Industry Professional (PCIP)
  5. Certified Ethical Hacker (CEH)
  6. Microsoft Certified Professional/Security Engineer (MCP, MCSE)
  • Advanced knowledge of security principles and technologies with hands-on experience in information technology systems and security assessments, or security by design testing, or a variety of security and privacy technology solution implementations
  • General auditing standards such as IIA, PCAOB, GAAP, GAAS, IPPF or equivalent.
  • General information technology processes of Contract Management, Change Management, Recovery Management, Operations Management, Configuration Management, and Risk Management and testing of ITAC/ITGC controls.
  • Automated audit control testing environments such as SAP/ERP, ServiceNow, PeopleSoft or equivalent.
  • Finance regulatory compliance testing such as NAIC/MAR, SOX, EHNCA, ICFR or equivalent.
  • Information technology compliance testing such as ISO27001/2013, COSO, AICPA/SOC(I,II,III) or equivalent.
  • Information security compliance testing such as CMS ARS, CIS, CSA or equivalent.
  • Information privacy compliance testing such as HIPAA (45 CFR), GDPR, CCPA, NYCRR or equivalent.
  • GRC frameworks such as NIST (800-36), ISO (27k series), COBIT, ITIL, GAAS or equivalent.
  • Compliance crosswalk methodologies and models such as SCF, CCF, UCF, RMF, HITRUST or equivalent.
  • Proven ability to effectively communicate complex technical information to both technical and non-technical audiences at all levels of the organization.
  • Proven ability to multitask various audits and projects throughout all audit phases.
  • Proven ability to effectively prioritize tasks in a deadline-driven environment.
  • Clean credit history as reported by credit report

Additional Information:

  • Upon offer of employment, the individual will be subject to a background check and a drug screen.

Aleron companies (Acara Solutions, Aleron Shared Resources, Broadleaf Results, Lume Strategies, TalentRise, Viaduct, and Aleron's strategic partner, SDI) are Equal Employment Opportunity and Affirmative Action Employers. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity, sexual orientation, national origin, genetic information, sex, age, disability, veteran status, or any other legally protected basis. The Aleron companies welcome and encourage applications from diverse candidates, including people with disabilities. Accommodations are available upon request for applicants taking part in all aspects of the selection process.

Applicants for this position must be legally authorized to work in the United States. This position does not meet the employment requirements for individuals with F-1 OPT STEM work authorization status.
Apply
 

Already have an account? Log in here