Position Summary: This is an exciting role that will support a variety of audit, compliance and security initiatives!
The individual will own the complete life cycle of internal audits, client-requested audits, and compliance reviews.
The Information Security Auditor must have the ability to drive key relationships and collaborate with internal and external stakeholders to identify and manage operational and security risks.
This position will also be a key interface with external auditors.
This role will have direct influence over ongoing transformation of Netcracker's security posture.
Role and Responsibilities: Continually monitor the Netcracker IT control environment and identify key risks, related controls and gaps Understand and drive adherence to corporate security policies and procedures Maintain the RCM and track findings Bridge cross-functional conversations to address control enhancement and finding remediation Manage internal audits, external audits, and compliance reviews (e.g., SSAE 18, PCI-DSS, ISO) Stay abreast of regulation and compliance changes and create awareness for control owners Draft management attestations and representation letters Conduct periodic risk assessments (e.g., vendor, insider threat, SANS Top 20) Act as a liaison between internal and external stakeholders on IT controls and compliance areas Assist with privacy compliance projects (e.g., GDPR, Data Privacy Framework) Participate in various risk management initiatives and projects, as assigned Required Experience: 2-4 years' experience in Big 4 IT Audit experience preferred 3-5 years' in Information Security, IT audit and/or IT Risk Management experience a plus CISM, CISSP, CIA or CISA a plus Working knowledge and understanding of COSO, COBIT, IIA International Professional Practices Framework (IPPF), SSAE 18, PCI-DSS, ISO 27001/27018/22301, NIST 800 standards and frameworks Knowledge of relevant applications and technical platforms a plus: Windows Active Directory, Linux, Oracle, JIRA, Cisco and Fortigate Firewalls, SIEM tools, Nessus reports, Cloud architecture Excellent project management skills with the ability to meet tight deadlines Strong verbal and written communication skills Highly developed interpersonal skills, with emphasis on collaboration, influencing and building strong long-term relationships Proactively seeks guidance but can also work independently Familiarity of GRC platforms Education: Bachelor degree in Information Systems Auditing, Computer Science, or related field
