Cybersecurity Auditor - India

f cybersecurity controls, executing internal audits, keeping policies and operating proceduresup-to-date, responding to customer assessments, and producing metrics,scorecards, reports and dashboards periodically.

Key Responsibilities:
Perform cybersecurity audits and risk assessments in all areas of the organization in line with the global Internal Audit Program's objectives
Document audit procedures, recommend remediation plans and liaise independently with stakeholders to validate implementation
Work with functional owners to ensure control objectives and activities meet compliance standards for effectiveness and assurance evidence
Publish and present timely and high quality audit reports
Partner with leaders across business functions such as Engineering, Cloud Operations, Privacy, Product and Customer Success to implement effective cybersecurity controls
Identify emerging cybersecurity and information technology risks, evaluate internal controls to treat risks, and develop opportunities to continuously uplift control frameworks
Work with Cornerstone's external partners and cross functional teams to schedule appropriate internal audit testing and/or risk assessments.
Perform formal reviews of new technologies, initiatives and strategic projects against the company's cybersecurity requirements
Recommend updates to cybersecurity policies, standards and operating procedures to address new industry practices, requirements and regulations
Illustrate ownership and accountability and ensure operational efficiency

Educational Background:
Degree in Information Technology, Computer Science, Cybersecurity or related fields
CISA, CRISC, CISSP and/or ISO 27001 LA/LI desired

Skills and Experience:
3-6 total years of experience in cybersecurity, compliance, IT audits and/or cyber risk management
Hands-on expertise in industry-standard cybersecurity assurance standards (e.g., SOC 2, ISO 27k, NIST, PCI DSS, etc.), trends and best practices
Experience in auditing general and automated controls, including but not limited to logical security, physical security, change and problem management, data backup, disaster recovery and incident management
Knowledge of security tools, technologies and control best practices for domains such as IAM, encryption, system hardening, anti-malware, data leakage prevention, NIDPS, network security and vulnerability management

Hands-on exposure to auditing and/or securing leading cloud PaaS technologies platforms such as AWS, Google Cloud and Microsoft Azure
Proficient in Word, Excel, PowerPoint and other Microsoft 365 tools
Mature data analysis, documentation, articulation and presentation skills
Ability to communicate effectively with stakeholders across global regions and organizational levels
Ability to work autonomously with flexibility and excellent judgment
Ability to work effectively under pressure to meet deadlines

Ability to solve problems quickly and automate processes
Ability to work cooperatively as part of a team

#LI-Hybrid