Lead Cyber & IT Auditor

JOB SUMMARY
This position is responsible for executing high quality audits, risk management over the IT infrastructure, applications and processes. Responsible for delivering high quality internal audit results under the direction of IT Audit Managers and Directors, including planning, performing IT risk assessments, and developing and executing test plans to assess design and effectiveness. Key focus areas are risk assessments, cyber security assessments, business continuity and disaster recovery assessments, and review of internal controls, corporate policy, laws, and regulations, as they relate to the Company's electronic assets.

MAJOR DUTIES AND RESPONSIBILITIES

• Actively and consistently supports all efforts to simplify and enhance the customer experience.

• Execute specific projects established in the annual audit plan, develop scope and objectives of IT audits while ensuring alignment with audit standards, guidelines, and best practices

• Execute projects related to the NIST Cybersecurity Framework, NIST 800 series, CIS Controls, ISO 27001/27002, OWASP, Payment Card Industry, Data Privacy, IT General Controls (ITGC), and other laws and regulations governing the corporation

• Develop audit objectives, scope, audit plan, and procedures

• Prepare audit summaries and review audit results with senior IT management providing observations and conclusions as well as identifies and communicates gaps and evaluates management action plans and related reporting

• Keep abreast of relevant business developments and evolving IT risk areas

• Contribute ideas and opinions to the internal audit team by identifying relevant automated controls to include in an audit scope; Design audit programs/procedures to assess their adequacy, and assisting financial/operational auditors in applying IT audit principles and concepts

• Develop and maintains effective relationships within the team and individuals throughout the organization

• Perform other duties as required

REQUIRED QUALIFICATIONS
Required Skills/Abilities and Knowledge

• Ability to read, write, speak and understand English

• Ability to communicate and align well with key stakeholders

• Ability to cultivate channels of communication (both written and verbal) to effectively influence at all levels of the organization

• Ability to define effective audit plans and effectively coach experienced IT auditors

• Demonstrated understanding of business processes, financial reporting and information technology audit and control frameworks such as SOX, COBIT, ITIL, and PCI

• Demonstrated leadership skills in the areas of leading through influence, relationship building and strategy development and execution

• Demonstrated knowledge of risk assessment and familiarity with tools and techniques used to provide control and monitoring mechanisms

• Demonstrated knowledge of IT audit methodologies and control frameworks of IT platforms, processes, systems and controls, including areas such as network security, logical access and change management controls at an infrastructure and application level, databases and systems maintenance

• Knowledge of cable television products and services

• Knowledge of various network architectures, services, systems, applications, development platforms, network/security technologies

• Proficiency in information security tools to exploit vulnerabilities in networks and applications

• Knowledge of web application security including cross site scripting and SQL injection

Required Education
Bachelor’s degree in Information Technology, Business, Accounting, or Finance

Required Related Work Experience and Number of Years
Experience in IT audit or public accounting - 3-4
Experience with various technologies, including networks, platforms, and applications
Experience in information security assessments

PREFERRED QUALIFICATIONS
Preferred Skills/Abilities and Knowledge
Knowledge of PCI Standards, HIPAA, and security

Preferred Education
CISA
CIA, CISSP, CISM, CEH, GPEN, OSCP, CPT and/or MBA

Preferred Related Work Experience and Number of Years
Big 4 experience

WORKING CONDITIONS
Office environment
Expected travel is approximately 10-15 percent
Exposure to a moderate level of noise

FAU345 322683-2 322683BR