Senior Digital Auditor

Job Description SummaryThe Senior Digital Auditor performs security assessments and information security audits of various IT security controls utilizing established IT risk assessment framework and assessment programs. Conducts IT risk assessments to identify appropriate oversight tier and relevant IT controls. Develops and executes assessment approach based on risk assessments. Prepares assessment reports detailing assessor's review of the information security controls and any control gaps. Engages business to remediate issues.

Job Description

Roles and Responsibilities

In this role, you will:

• Assess the effectiveness of IT controls, processes, and systems against regulatory, operational, and compliance standards.
• Perform data analytics to identify risks, trends, and anomalies within IT environments.
• Develop and optimize audit analytics scripts, dashboards, and methodologies to enhance audit efficiency and insights.
• Prepare and present assessment findings to a cross-functional audience
• Prepare comprehensive audit findings and recommendations, communicating results to senior stakeholders effectively
• Provide practical recommendations to remediate control gaps
• Engage business units, IT teams to remediate control gaps.
• Participate in compliance related activities such as audits, issue remediation, supplier coordination
• Communicate common information security themes and control gaps identified
• Coordinate across multiple functions to ensure appropriate sustainable actions are taken for gap remediation
• Establish operating rhythm with Business Units to report out on key metrics including status of assessments and issue management
• Stay current and utilize industry standards and best practices to drive improvements to our security posture
• Stay abreast of emerging technologies, industry trends, and advancements in IT audit and analytics tools
• Support education of our stakeholders, application teams,  providing guidance and sharing best practices to develop their skills and expertise.

Education Qualification

• Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) with advanced experience.
• Minimum 3 years IT Audit/Security Audit/IT Compliance/IT Risk analysis experience
• Experience with advanced analytics, data analysis
• Understanding of IT technologies, standards and how to apply them

Desired Characteristics

• Internationally recognized information security/IT Audit certification/qualifications such as CISSP, CISA, GSNA, GSAE, or CCNA
• Solid understanding of IT processes
• Experience performing IT Audits or Security Assessments in a regulated environment (i.e. Financial Services, Healthcare companies)
• Detailed understanding of industry accepted Information Security and IT governance standards (i.e. COBIT, ISO, NIST)
• Awareness and experience with industry regulations (i.e. HIPAA, Export control, PCI)
• Proven ability to execute across multiple locations and stakeholder groups
• Ability to work cross-functionally
• Ability to influence others effectively across a matrixed organization
• Excellent analytical / technical skills
• Strong oral communication, business writing, presentation and facilitation skills
• Coordinate efforts in line with the "bigger picture" to maximize the overall value of IT service delivery and demonstrated history resolving conflicts in priority
• Awareness of and ability to deliver compliance requirements
• Excellent written and verbal communication skills and ability to interface and influence at all levels in the organization
• Demonstrated ability to excel in a global matrix organization
• Ability to learn complex systems and business processes and define requirements for solutions 
• Experience working with healthcare specific legal and regulatory requirements

Note

To comply with US immigration and other legal requirements, it is necessary to specify the minimum number of years' experience required for any role based within the USA. For roles outside of the USA, to ensure compliance with applicable legislation, the JDs should focus on the substantive level of experience required for the role and a minimum number of years should NOT be used.

This Job Description is intended to provide a high level guide to the role. However, it is not intended to amend or otherwise restrict/expand the duties required from each individual employee as set out in their respective employment contract and/or as otherwise agreed between an employee and their manager.

Additional Information

Relocation Assistance Provided: No