Cybersecurity Audit

Cybersecurity Audit & Compliance Analyst

Principal Functional Responsibilities

Conduct risk assessments to identify and evaluate potential cybersecurity risks. Develop and implement strategies to identify, aggregate, and mitigate cybersecurity risks. Monitor and analyze IT and Security compliance and work with internal resources to maintain adherence to policies and procedures. Facilitate governance activities and track remediation actions for vulnerabilities and deficiencies; and establish and implement resolutions based on risk impact and criticality. Collaborate with control owners to identify and address security vulnerabilities in current and emerging technologies.  Support coordination of internal and external audits with internal process owners and other key stakeholders. Prepare reports with specified metrics related to compliance activities, audit results, remediation plans, and other compliance efforts. Proactively engage in large initiatives, while offering expertise in implementing security controls and advancing the overall security posture of new and existing solutions. Partner with relevant service providers to ensure expectations and SLAs are met.

Basic Requirements 

years of experience or equivalent combination of education and experience.  Strong knowledge of security and risk management frameworks like NIST CSF, CIS Critical Security Controls, ISO , NIST -, FAIR, and CIS Must possess excellent oral and written communication skills and the ability to communicate in technical and business terms. Additionally, must be comfortable developing presentations and delivering them to senior management.

Preferred Requirements

Bachelor’s degree in computer science, Information Systems, or related degree plus three () years of experience or equivalent combination of education and experience  Professional certifications in IT and Cybersecurity a plus. + years of experience in Cybersecurity roles (, incident response, security operations, application security, etc.) Ability to simultaneously handle multiple projects and adjust to changing priorities while multitasking effectively. Self-starter, strong initiative, critical thinker, self-directed with a proven track record to collaborate and inspire change. Experience designing and implementing cybersecurity reporting and metrics (, KPI/KRI development) Fluent in English; additional languages are a plus.

Competencies

Tech Savvy: Anticipating and adopting innovations in business-building digital and technology applications. Optimizes Work Processes: Knowing the most effective and efficient processes to get things done, focusing on continuous improvement. Plans & Aligns: Planning and prioritizing work to meet commitments aligned with the interpersonal goals. Business Insight: Applying knowledge of business and the marketplace to advance the organization’s goals. Communicates Effectively: Developing and delivering multi-mode communications that clearly understand the different audiences' unique needs.
 

---