150,000 - 180,000 base + 20% bonus
2 months ago
Cyber Security & IT Operations Audit SME - Financial Services - DMV Region (Virginia)
Client is an integral part of the mortgage industry, with federal ties and connections to nearly every broker-dealer across the US. Due to interesting integration work and new technology initiatives that the firm is working on this is an amazing opportunity to interview with an industry leader to determine if you possess the right fitness for their requirements. At this stage they would be looking for you to help build a new team of technologists to help fill skill gaps the current team has been unable to satisfy.
- Perform independent audit and advisory services of cyber risk associated operating activities to ensure that they are completed on time and in keeping with professional standards.
- Scope and execute reviews of a wide variety of cyber risks.
- Review monthly risk metrics of the First and Second Line of Defense and industry news to identify emerging issues and trends and communicate implications to senior leadership within Internal Audit.
- Based on the work performed, draft strategic, business focused audit reports to identify and communicate issues related to cyber risk.
- Make recommendations to the Audit Committee or Board of Directors on significant issues raised during audit work.
- Conduct internal training sessions to help other audit teams understand cyber risk.
- Build strong relationships with leaders across the First and Second Lines of Defense to enable strong collaboration, while maintaining Internal Audit’s independence.
- Monitor and provide consultative advice to business and IT management on current or emerging cyber security risk, control and governance matters.
- May be tasked with leading, or participating in, specific risk assessment initiatives, firm-wide process change initiatives, or conducting special investigations or pre-implementation reviews at the request of management.
- Perform and document work in accordance with Internal Audit standards.
- Maintain technical knowledge through ongoing research and review of industry publications.
- Minimum of 8 years working in and/or auditing IT security areas such as penetration testing, security monitoring, forensics, threat management, vulnerability management, security engineering, and system security assessments
- Bachelor’s degree in in Cyber Security, Cyber Risk, Management Information Systems, Computer Science, Engineering, or Math
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA), or the commitment to obtain the CISA within a year of starting
- Working knowledge of industry standards such as NIST or ISO
- Must work well in a team-oriented environment as well as individually
- Must work creatively and analytically in a problem-solving environment
- Must demonstrate effective verbal and written communication and interpersonal skills
- Experience in conducting Information Security audits
- Project Management experience
- Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM)
The role is of an urgent nature so please apply directly to this job or email firstname.lastname@example.org to apply. Please note that due to the high volume of applications received only candidates who match the above criteria will be contacted at this time, you will however be on-boarded as a client of the HW International network and contacted about roles that may suit your experience further.
For more questions, call : (347) 282-5741