Title: Cybersecurity Audit Manager

Location: Charlotte, NC

Assignment Type: 3 month contract-to-hire

FTE Salary Range: $110K - $130K

NOTE: U.S. Citizens, GC, EAD and those authorized to work in the U.S. are encouraged to apply.

We are unable to Consider OPT or H1B Visa Candidates for this position.

Job Description

Perform detailed information technology assessments and audits across all areas of the business. The associate must act as an information security implementation consultant. This position is responsible for managing with an independent partner audits and testing of controls in both, SOC1 & SOC2 audits, HIPAA security audits, internal PII audits, and conducts annual policy and procedure reviews. Essential Duties include the participation in the planning, execution and reporting of security audits and assessments with minimal supervision and the management of the remediation activity. Performing Interviews, examinations, and testing of security controls. Assist in preparation of assessment deliverables – Security Control Assessment Report, Security Risk Assessments. Reporting into the CISO the associate will provide audit readiness consulting to clients, internal audit departments and interacts with the senior management, financial auditors, and the senior technology leaders during audits on scoping, controls, identification and execution of testing plans. Execute and report on information technology, privacy, and operational reviews in order to identify business, privacy, security, compliance, information technology and regulatory risks.

 

Qualifications

• BA or BS degree in MIS, Computer Science, Finance or Accounting.
• 3 or more years total audit/system experience including at least two years of systems audit experience.
• Strong experience and expertise with Windows, SAP, AD, and Cisco environments.
• Working knowledge of security compliance criteria, best practices, policy and procedure review, gap analysis, and risk assessments.
• CISA and/or GIAC Systems Network Auditor certifications preferred.
• CPA, CFE, Security+ and CISSP desired.
• Experience with Service Organization Control (SOC) audits and assessing HIPAA Security Rule controls a plus.

 

Responsibilities

IT Audit Team

1. Group Key IT Control Reporting
2. Manager Cyber Training & Awareness, including Phishing Campaign Initiative
3. Pre-Audits

1. KPMG-SAP
2. KPMG-JDE
3. SOC1 & SOC2
4. Group Audit – Canada ITGC Audit

1. SOC1 Audit Planning and Execution
2. SOC2 Audit Planning and Execution
3. KPMG Audit Planning and Execution
4. Vendor IT Audits
5. Vendor Vulnerability Management and Remediation

 

Internal Audits

1. Re-Implementation of Internal Audits following re-design to streamline efficiency
2. Coordinates with External Audit team to develop audits that will preemptively detect potential findings on external audits
3. Conducts Audits
   • Healthcare Applications
   • Critical Client Applications
   • Privileged Account Audits
   • IT Systems Access
   • Cloud AWS/Azure Environments, Standards, and Access
   • Publicly Available IT Resources