(IT Security,IT Auditor,Compliance,Information Security, IT Security,CISSP,CISA, CISM) My client is seeking an IT Audit Analyst with extensive experience auditing companies to establish compliance within Information Security. You will coordinate, plan and execute Information Technology compliance audits.
- Develop and provide controls, standards, process improvement recommendations, technical guidance and awareness for information technology compliance.
- Research, interpret, develop, maintain, and apply compliance regulations and control descriptions for information technology audits such as ISO 9001 (Quality Management System), ISO 27001 (Information Security Management System), Sarbanes-Oxley (SOX), Payment Card Industry (PCI), Policy, etc.
- Execute on all aspects of information technology audit efforts including planning, preparation, audit reports, field work, and follow-up activities.
- Participate in risk mitigation sessions for new projects or processes and ensure that all significant regulatory risks are identified and accounted for appropriately.
- Evaluate remediation plans and provide consultative support as to the interpretation of regulations and their implementation.
- Maintain position as a subject matter expert in current and new information technology compliance laws and best practices.
- Respond to inquiries about the Company's compliance status and controls.
- Support customer retention through providing applicable and appropriate attestation for Thomson Reuters information security policies and practices.
- Provide information security risk management representation on customer calls regarding attestation of Thomson Reuters information security policies and practices.
- Perform a business impact analysis and operate as a key contributor to the Vendor Risk Management process
- Ideally some Industry-related certifications such as CISA, CISSP, CISM and ITIL
- Familiarity with audit and standards processes including ISO, PCI, Sarbanes-Oxley is preferable.
- Practical experience with the identification and remediation of compliance and security vulnerabilities.
- Thorough knowledge of technology platforms, products and services.
- Excellent verbal and written communication skills.
- Ability to communicate at all levels in the organisation.
- Demonstrated strong problem-solving skills and effective negotiation and influence.
- Ability to set project scope, delegate tasks and deliver quality results.
This organisation is an equal opportunity employer and value diversity at our company. The client does not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
For further information and consideration for this exciting opportunity please contact Luke Passmore at Experis on
- Info Security CISA CISSP CISM