Assess the effectiveness of IT controls, processes, and systems against regulatory, operational, and compliance standards.
Perform data analytics to identify risks, trends, and anomalies within IT environments.
Develop and optimize audit analytics scripts, dashboards, and methodologies to enhance audit efficiency and insights.
Prepare and present assessment findings to a cross-functional audience
Prepare comprehensive audit findings and recommendations, communicating results to senior stakeholders effectively
Provide practical recommendations to remediate control gaps
Engage business units, IT teams to remediate control gaps.
Participate in compliance related activities such as audits, issue remediation, supplier coordination
Communicate common information security themes and control gaps identified
Coordinate across multiple functions to ensure appropriate sustainable actions are taken for gap remediation
Establish operating rhythm with Business Units to report out on key metrics including status of assessments and issue management
Stay current and utilize industry standards and best practices to drive improvements to our security posture
Stay abreast of emerging technologies, industry trends, and advancements in IT audit and analytics tools
Support education of our stakeholders, application teams, providing guidance and sharing best practices to develop their skills and expertise.
Education Qualification
Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) with advanced experience.
Previous experience in IT Audit/Security Audit/IT Compliance/IT Risk analysis experience
Experience with advanced analytics, data analysis
Understanding ofIT technologies,standards and how to apply them
Desired Characteristics
Internationally recognized information security/IT Audit certification/qualifications such as CISSP, CISA, GSNA, GSAE, or CCNA
Solid understanding of IT processes
Experience performing IT Audits or Security Assessments in a regulated environment (i.e. Financial Services, Healthcare companies)
Detailed understanding of industry accepted Information Security and IT governance standards (i.e. COBIT, ISO, NIST)
Awareness and experience with industry regulations (i.e. HIPAA, Export control, PCI)
Proven ability to execute across multiple locations and stakeholder groups
Ability to work cross-functionally
Ability to influence others effectively across a matrixed organization
Excellent analytical / technical skills
Strong oral communication, business writing, presentation and facilitation skills
Coordinate effortsin line withthe "bigger picture" to maximize theoverall value ofIT service delivery and demonstrated history resolving conflicts in priority
Awareness of and ability to deliver compliance requirements
Excellent written and verbal communication skills and ability to interface and influence at all levels in the organization
Demonstrated ability to excel ina global matrix organization
Ability to learn complex systems and businessprocesses and definerequirements for solutions
Experience working with healthcare specific legal and regulatory requirements