Information Security Auditor
Our client, a well respected and established accounting and IT consulting firm, is looking for a stellar Information Security Auditor with financial, healthcare, or small business markets experience to join their team. This is a direct hire position with excellent benefits. The Information Security Auditor will be expected to have a solid IT technical foundation (Infosec as well as MS Office 365, Exchange and Active Directory from a Systems Administration perspective) and excellent communication skills. You will be responsible for participating in audit engagement planning, performance testing, and reporting of security risks.
The Information Security Auditor will be conducting IT assessments and client audits and making recommendations based on best business practices and regulatory standards. You will also be conducting policy and procedure client reviews, gap analysis, and risk assessments.
Other tasks include testing of controls in network, vulnerability assessments, HIPAA security audits, and SOC 1 and SOC 2 audits
- Must have a degree in MIS, or Computer Science, or audit related degree
- Minimum 5 years of audit experience
- Minimum 1 year experience with federal regulations such as HIPAA, SEC, FFIEC, GLBA, GDPR
- Experience with NIST and COBIT frameworks, a plus
- Experience with Service Organization Control (SOC) audits
- Ability to translate technical terminology into practical terms for management and clients