Information Security Analyst – IT Audit & Compliance
Ness Digital Engineering
full-time
Posted on:
Location Type: Hybrid
Location: Timisoara • Romania
Visit company websiteExplore more
About the role
- Conduct internal audits focused on verifying and enhancing the company’s compliance and information technology controls
- Help facilitate 3rd party audits and coordinate and work with audit teams, and internal control owners
- Conduct timely and effective audit planning, execution, and reporting
- Conduct training and process analysis with control owners and operators
- Assist with other audit matters and projects
- Provide updates and escalate issues in a timely manner
- Act as lead for future audit success by preparing internal control owners for external audits
- Help internal control owners scope appropriate evidence samples for external auditors
- Establish consistent and sustainable processes for conducting internal audits
- Track and ensure visibility of developing compliance framework standards
- Help facilitate and or conduct internal gap assessments and audit readiness assessments
- Assess inherent and residual risks, evaluate control designs, develop, and execute audit tests
- Document control narratives and walkthroughs
- Comfortably assume core audit responsibilities in all audit phases
- Participate as a key team member on audit projects, having responsibility for more complex areas
- Assist team leaders, managers, and senior and staff auditors in accomplishing team objectives
- Identify and assess the impact of control deficiencies
- Draft audit reports
- Present audit findings to management through status updates and closing meetings
- Assist in the development of cost-justified, value-added management actions
- Effectively handle larger and more challenging workloads on successive assignments
- Produce excellent results in audit projects across multiple business areas and for different team leaders
- Proficient in the use of automated work papers and other department and company tools
- Ensure effective and efficient execution of audits in conformance with professional and department standards, budgets, and timelines
- Maintain internal audit competency through ongoing professional development
- Participate in the review of co-worker’s work
- Communicate in an effective and professional way with customers
Requirements
- High School Diploma
- Common entry-level information security certifications include CompTIA Security+, CISSP Associate, CEH, CISM, CISA, GSEC, CCT, ENSA, SSCP, Cisco Certified CyberOps Associate, or similar
- 2+ years of experience in information security audits
- Experience with common compliance frameworks (BSI C5, GDRP, ISO 27000, Cyber Essentials, PCI-DSS, SOC 2 Type 2, etc.)
- Experience testing compliance controls with control owners
- Strong written, verbal, and interpersonal communication skills
- High level of energy, and the desire to work in a fast-changing environment
- Proficient knowledge of PCs and Servers -- Windows, Linux, and Unix preferred
- Experience in auditing the security of deployments in AWS and/or Azure environments
Benefits
- access to trainings and certifications
- bonuses
- aids
- socializing activities
- attractive compensation
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
information security auditscompliance testingaudit planningaudit executionaudit reportingrisk assessmentcontrol design evaluationaudit test developmentdocument control narrativesautomated work papers
Soft Skills
communication skillsinterpersonal skillsteam collaborationproblem-solvingtime managementadaptabilityleadershiptraining facilitationreport draftingpresentation skills
Certifications
CompTIA Security+CISSP AssociateCEHCISMCISAGSECCCTENSASSCPCisco Certified CyberOps Associate