Whatsapp
Posted : Saturday, September 09, 2023 10:04 PM
*Position Summary: Senior, IT & Cybersecurity Auditor*
we are strong, innovative, and growing.
We invest in our people.
We care and make a positive difference.
Looking for a strong Senior, IT & Cybersecurity Auditor in the Corporate Audit Department.
The position will be responsible for planning & executing technology & cybersecurity audits.
This role will be part of the Corporate Audit & Anti-Fraud (CAAF) team and will work on a variety of audits and projects encompassing cybersecurity, information technology, and help with overall development of a cyber and technology audit framework.
This exciting position will impact the overall success of the technology & cybersecurity audit program by leveraging NIST frameworks and executing, and planning for IT audits using a risk-based approach.
This position includes significant internal client interface, and as such requires strong professional presence, communication and decision-making skills.
The successful candidate will be capable of identifying technology and cybersecurity risks across all areas of the company.
The ability to establish exceptional relationships and credibility within the CAAF team and internal Northwestern Mutual clients will be essential to the individual’s success.
The Senior, IT & Cybersecurity auditor will report up to the Assistant Director, IT & Cybersecurity Audit.
*Key Responsibilities:* * Independently conducts thorough risk analysis, control identification and audit program development.
Independently concludes on the effectiveness of controls and control gaps based on the results of testing.
Demonstrates the ability to multi-task, by clearly documenting the results of testing on more than one audit concurrently.
* Demonstrates technical knowledge of routine IT systems and processes and continues development of technical and intermediate analytical skills to understand more complex technologies.
Interprets the associated risks, begins to develop a holistic view of risk, develops testing approach, and proposes solutions.
* Effectively communicates audit issues and related recommendations in both technical and non-technical terms to Operational and IT management.
Makes sound recommendations for audit finding rankings and effectively supports conclusions during discussions with audit clients.
* Utilizes analytic technologies and data to enable agile methodologies and approaches to deliver increased efficiency and deeper insights on risk assurance.
* Function as a member of the technology & cybersecurity audit team, with experience as both as an individual contributor and in team environments where collaboration and adaptability are important.
* Handle multiple concurrent projects, meet established deadlines and quickly adapt to changing priorities, all while working under limited supervision.
* Responsible for conducting cybersecurity design and effectiveness audits of IT systems, cloud environments (AWS, VMWARE), and network infrastructure to ensure compliance with internal standards aligning with NIST 800-53 and the NIST Cybersecurity Framework (CSF).
* Remains current on cybersecurity auditing practices, cyber emerging threats, industry regulatory changes, and internal company policy and process changes.
* Proactively interfaces with IT functional groups to enhance their understanding of the cybersecurity controls to drive improved security compliance and management of risk, and to strengthen effectiveness of cybersecurity controls.
* Prepares and reports on audit recommendations and ensures they are accurately tracked in an audit repository.
*MINIMUM REQUIREMENTS:* * Strong written and verbal communication skills with the proven ability to interact effectively at all levels within and outside the organization * Bachelor's degree in Accounting, Finance, Information Technology or another relevant field.
* Understanding of IT audit standards and frameworks (e.
g.
, COBIT, ISO/IEC 27002, NIST) and data security and privacy regulations (e.
g.
CCPA, HIPAA) * Knowledge and understanding of auditing IT applications, and infrastructure (network infrastructure technologies (WAN/LAN), cybersecurity, active directory, backup & recovery, data centers, messaging, mobile technologies, remote access, storage, operating systems, virtualization services, etc.
) * Excellent project management and organization skills; ability to multitask.
* Confidence and gravitas in working with and challenging stakeholders.
* Excellent ability to develop and write impactful reports and presentations.
*PREFERRED REQUIREMNTS:* * Demonstrated knowledge of the regulatory environment for Financial Services industry is a plus * Experience with large public accounting firms or large corporate internal audit team is a plus * Relevant professional certification (e.
g.
CISA, CIPP, CISSP, CGEIT, CISM, CRISC, CIA, CPA) or the desire to actively work towards one * General understanding of Model Audit Rule, SOX, or general controls; direct experience a plus *Work Experience:* * 5+ years of technology & cyber audits experience with a professional services firm, an internal audit group, or similar environment.
*TECHNICAL SKILLS* *Must Have* * Effectively communicates audit issues and related recommendations in both technical and non-technical terms to Operational and IT management.
Makes sound recommendations for audit finding rankings and effectively supports conclusions during discussions with audit clients.
* Excellent project management and organization skills; ability to multitask.
* General understanding of Model Audit Rule, SOX, or general controls * Handle multiple concurrent projects, meet established deadlines and quickly adapt to changing priorities, all while working under limited supervision * Independently conducts thorough risk analysis, control identification and audit program development.
Independently concludes on the effectiveness of controls and control gaps based on the results of testing.
Demonstrates the ability to multi-task, by clearly documenting the results of testing on more than one audit concurrently.
* Knowledge and understanding of auditing IT applications, and infrastructure (network infrastructure technologies (WAN/LAN), cybersecurity, active directory, backup & recovery, data centers, messaging, mobile technologies, remote access, storage, operating systems, virtualization services, etc.
) * Understanding of IT audit standards and frameworks (e.
g.
, COBIT, ISO/IEC 27002, NIST) and data security and privacy regulations (e.
g.
CCPA, HIPAA) Job Types: Full-time, Contract Pay: $42.
91 - $80.
00 per hour Benefits: * 401(k) * Dental insurance * Health insurance * Paid time off * Vision insurance Schedule: * 8 hour shift * Monday to Friday Experience: * Information governance: 1 year (Preferred) * Cybersecurity: 1 year (Preferred) Ability to Commute: * Milwaukee, WI 53202 (Preferred) Ability to Relocate: * Milwaukee, WI 53202: Relocate before starting work (Preferred) Work Location: In person
We invest in our people.
We care and make a positive difference.
Looking for a strong Senior, IT & Cybersecurity Auditor in the Corporate Audit Department.
The position will be responsible for planning & executing technology & cybersecurity audits.
This role will be part of the Corporate Audit & Anti-Fraud (CAAF) team and will work on a variety of audits and projects encompassing cybersecurity, information technology, and help with overall development of a cyber and technology audit framework.
This exciting position will impact the overall success of the technology & cybersecurity audit program by leveraging NIST frameworks and executing, and planning for IT audits using a risk-based approach.
This position includes significant internal client interface, and as such requires strong professional presence, communication and decision-making skills.
The successful candidate will be capable of identifying technology and cybersecurity risks across all areas of the company.
The ability to establish exceptional relationships and credibility within the CAAF team and internal Northwestern Mutual clients will be essential to the individual’s success.
The Senior, IT & Cybersecurity auditor will report up to the Assistant Director, IT & Cybersecurity Audit.
*Key Responsibilities:* * Independently conducts thorough risk analysis, control identification and audit program development.
Independently concludes on the effectiveness of controls and control gaps based on the results of testing.
Demonstrates the ability to multi-task, by clearly documenting the results of testing on more than one audit concurrently.
* Demonstrates technical knowledge of routine IT systems and processes and continues development of technical and intermediate analytical skills to understand more complex technologies.
Interprets the associated risks, begins to develop a holistic view of risk, develops testing approach, and proposes solutions.
* Effectively communicates audit issues and related recommendations in both technical and non-technical terms to Operational and IT management.
Makes sound recommendations for audit finding rankings and effectively supports conclusions during discussions with audit clients.
* Utilizes analytic technologies and data to enable agile methodologies and approaches to deliver increased efficiency and deeper insights on risk assurance.
* Function as a member of the technology & cybersecurity audit team, with experience as both as an individual contributor and in team environments where collaboration and adaptability are important.
* Handle multiple concurrent projects, meet established deadlines and quickly adapt to changing priorities, all while working under limited supervision.
* Responsible for conducting cybersecurity design and effectiveness audits of IT systems, cloud environments (AWS, VMWARE), and network infrastructure to ensure compliance with internal standards aligning with NIST 800-53 and the NIST Cybersecurity Framework (CSF).
* Remains current on cybersecurity auditing practices, cyber emerging threats, industry regulatory changes, and internal company policy and process changes.
* Proactively interfaces with IT functional groups to enhance their understanding of the cybersecurity controls to drive improved security compliance and management of risk, and to strengthen effectiveness of cybersecurity controls.
* Prepares and reports on audit recommendations and ensures they are accurately tracked in an audit repository.
*MINIMUM REQUIREMENTS:* * Strong written and verbal communication skills with the proven ability to interact effectively at all levels within and outside the organization * Bachelor's degree in Accounting, Finance, Information Technology or another relevant field.
* Understanding of IT audit standards and frameworks (e.
g.
, COBIT, ISO/IEC 27002, NIST) and data security and privacy regulations (e.
g.
CCPA, HIPAA) * Knowledge and understanding of auditing IT applications, and infrastructure (network infrastructure technologies (WAN/LAN), cybersecurity, active directory, backup & recovery, data centers, messaging, mobile technologies, remote access, storage, operating systems, virtualization services, etc.
) * Excellent project management and organization skills; ability to multitask.
* Confidence and gravitas in working with and challenging stakeholders.
* Excellent ability to develop and write impactful reports and presentations.
*PREFERRED REQUIREMNTS:* * Demonstrated knowledge of the regulatory environment for Financial Services industry is a plus * Experience with large public accounting firms or large corporate internal audit team is a plus * Relevant professional certification (e.
g.
CISA, CIPP, CISSP, CGEIT, CISM, CRISC, CIA, CPA) or the desire to actively work towards one * General understanding of Model Audit Rule, SOX, or general controls; direct experience a plus *Work Experience:* * 5+ years of technology & cyber audits experience with a professional services firm, an internal audit group, or similar environment.
*TECHNICAL SKILLS* *Must Have* * Effectively communicates audit issues and related recommendations in both technical and non-technical terms to Operational and IT management.
Makes sound recommendations for audit finding rankings and effectively supports conclusions during discussions with audit clients.
* Excellent project management and organization skills; ability to multitask.
* General understanding of Model Audit Rule, SOX, or general controls * Handle multiple concurrent projects, meet established deadlines and quickly adapt to changing priorities, all while working under limited supervision * Independently conducts thorough risk analysis, control identification and audit program development.
Independently concludes on the effectiveness of controls and control gaps based on the results of testing.
Demonstrates the ability to multi-task, by clearly documenting the results of testing on more than one audit concurrently.
* Knowledge and understanding of auditing IT applications, and infrastructure (network infrastructure technologies (WAN/LAN), cybersecurity, active directory, backup & recovery, data centers, messaging, mobile technologies, remote access, storage, operating systems, virtualization services, etc.
) * Understanding of IT audit standards and frameworks (e.
g.
, COBIT, ISO/IEC 27002, NIST) and data security and privacy regulations (e.
g.
CCPA, HIPAA) Job Types: Full-time, Contract Pay: $42.
91 - $80.
00 per hour Benefits: * 401(k) * Dental insurance * Health insurance * Paid time off * Vision insurance Schedule: * 8 hour shift * Monday to Friday Experience: * Information governance: 1 year (Preferred) * Cybersecurity: 1 year (Preferred) Ability to Commute: * Milwaukee, WI 53202 (Preferred) Ability to Relocate: * Milwaukee, WI 53202: Relocate before starting work (Preferred) Work Location: In person
• Phone : NA
• Location : 1301 East Albion Street, Milwaukee, WI
• Post ID: 9082611220
