NICE Information Security Analyst 

United States, Utah, Sandy 

125115728

The IT Internal Auditor will conduct internal audits focused on verifying and enhancing the company’s compliance and information technology controls. Help facilitate 3party audits and coordinate and work with audit teams, and internal control owners. Conduct timely and effective audit planning, execution, and reporting. Conduct training and process analysis with control owners and operators. Assist with other audit matters and projects. Provide updates and escalate issues in a timely manner. And other tasks as required.

How will you make an impact?

• Act as lead for future audit success by preparing internal control owners for external audits.
• Help internal control owners scope appropriate evidence samples for external auditors.
• Establish consistent and sustainable processes for conducting internal audits.
• Track and ensure visibility of developing compliance framework standards.
• Help facilitate and or conduct internal gap assessments and audit readiness assessments.
• Assess inherent and residual risks, evaluate control designs, develop, and execute audit tests.
• Document control narratives and walkthroughs.
• Comfortably assume core audit responsibilities in all audit phases.
• Participate as a key team member on audit projects, having responsibility for more complex areas.
• Assist team leaders, managers, senior and staff auditors in accomplishing team objectives.
• Identify and assess the impact of control deficiencies.
• Draft audit reports.
• Present audit findings to management through status updates and closing meetings.
• Assist in the development of cost-justified, value-added management actions.
• Effectively handle larger and more challenging workloads on successive assignments.
• Produce excellent results in audit projects across multiple business areas and for different team leaders.
• Proficient in the use of automated work papers and other department and company tools.
• Ensure effective and efficient execution of audits in conformance with professional and department standards, budgets, and timelines.
• Maintain internal audit competency through ongoing professional development.
• Participate in the review of co-worker’s work.
• Always follow the company Code of Ethics and NICE CXone policies and procedures.
• Communicate in an effective and professional way with customers in and outside of NICE CXone.
• This job description is not intended to be all-inclusive, and the employee will also perform other reasonable related business duties as assigned by immediate supervisor and other management as required.

Have you got what it takes?

• High School Diploma
• Common entry-level information security certifications include CompTIA Security+, CISSP Associate, CEH, CISM, CISA, GSEC, CCT, ENSA, SSCP, Cisco Certified CyberOps Associate, or similar.

• 2+ years of experience in information security audits.
• Experience of common compliance frameworks. (GDRP, ISO 27000, Cyber Essentials, PCI-DSS, SOC 2 Type 2, etc...)
• Experience testing compliance controls with control owners.
• Strong written, verbal, and interpersonal communication skills.
• High level of energy, and the desire to work in a fast-changing environment.
• Proficient knowledge of PCs and Servers -- Windows, Linux, and Unix preferred.
• Experience in auditing the security of deployments in AWS and/or Azure environment.

• Ability to plan and prioritize tasks efficiently and effectively.

Preferred but not required Experience:

• Experience in domestic & international privacy laws such as HIPAA, PCI, NIST security framework.
• Familiarity with industry best practices and regulations for software and/or telecom industry.
• Understanding of MaRISK, BaFin, BSI C5, IRAP

• Bachelor’s Degree, Master’s degree preferred. CISSP, CISA, CISM or equivalent