Senior Auditor Cybersecurity

About the position We are seeking a Senior IT Auditor with over 3 years of experience in conducting comprehensive cybersecurity audits. This role focuses on assessing the effectiveness of our company's cybersecurity controls and processes across IT infrastructure and systems, identifying vulnerabilities, and providing both tactical and strategic recommendations for improvement to ensure regulatory compliance and mitigate cyber risks. Responsibilities • Lead and conduct cybersecurity audits of IT systems, networks, and applications to assess compliance with internal policies, industry standards, and regulatory requirements. • Evaluate the effectiveness of cybersecurity controls and identify vulnerabilities, weaknesses, and areas of improvement. • Develop comprehensive audit plans, testing procedures, and methodologies tailored to specific audit objectives and organizational requirements. • Collaborate with internal and external stakeholders to gather relevant information, conduct interviews, and analyze documentation to support audit activities. • Communicate audit findings, observations, and recommendations to management and stakeholders in clear and concise reports. • Track and monitor implementation of audit recommendations and verify remediation actions to ensure compliance and effectiveness. • Stay current with emerging cybersecurity threats, trends, and best practices to continuously enhance audit methodologies and processes. Requirements • Bachelor's degree in computer science, information systems, or a related field. • Minimum of 3 years in conducting cybersecurity audits, SOX testing, risk assessments, and compliance reviews in complex IT environments. • Strong technical knowledge of cybersecurity frameworks and controls with hands-on experience with cybersecurity tools and technologies, such as vulnerability scanners, SIEM systems, and penetration testing tools. • Proficiency in conducting cybersecurity risk assessments, vulnerability assessments, and penetration testing. • Knowledge of international cybersecurity standards and frameworks including but not limited to NIST, ISO 27001, COBIT, or CIS Controls and their applicability to organizational cybersecurity programs. Nice-to-haves • Advanced certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISS) or Certified in Risk and Information Systems Controls (CRISC). • Master's degree in computer science, information security, or a related field. Benefits • Healthcare benefits • 401(k) plan and company match • Short-term and long-term disability coverage • Life insurance • Well-being benefits • Paid time off (up to 120 hours in the first year, increasing after the first year) • 6 paid holidays • Annual bonus eligibility and potential equity based on performance. Apply tot his job