Job Description
The Stetson Cybergroup is a team of IT industry veterans who have dedicated our attention to one of the most important aspects of IT support needed today—cyber security. Because we are far from new to the IT field, we are aware of the risks businesses face and fully understand what is at stake.
We are building our Audit team and we are looking to add an IT Auditor to our team. Our Audit team works with our clients to make a more risk-aware, effective IT organization that can deliver transformational business change and meet regulatory compliance requirements.
Reporting to the Director of Audit, the IT Auditor will be responsible for assisting with the execution of various engagement objectives within assigned areas. The ideal candidate is a team player who exhibits initiative, accepts responsibility, communicates effectively, and manages multiple concurrent assignments of varying sizes and complexity. The IT Auditor enjoys flexibility, meaningful and diverse client work, and a supportive and innovative work environment.
Essential Duties and Responsibilities:
- Conduct IT and cybersecurity audits and investigations of complex information technology including evaluating whether security vulnerabilities are properly identified and mitigated,
- Perform information control reviews to include system development standards, operating procedures, system security, programming controls, communication controls, backup and disaster recovery, and system maintenance,
- Perform reviews of internal control procedures and security for systems under development and/or enhancements to current systems,
- Prepare and examine technical assessment findings and assisting in the development of IT and cybersecurity audit plans and programs,
- Conduct operational, compliance, financial and investigative audits, as assigned,
- Conduct fieldwork to gather and/or verify information and ensure all procedures and testing necessary to meet audit objectives,
- Conduct tests of internal controls for audits and investigations of IT, cybersecurity, telecommunications, and other technical services related projects,
- Prepare audit finding memos and recommendations, and working papers to ensure that adequate documentation exists to support the completed audit and conclusions,
- Prepare and present written and oral reports and other technical information in a pertinent, concise, and accurate manner for distribution to management and clients,
- Follows up on audit recommendations to ensure that corrective action(s) are taken,
- Develop and implement tools to analyze data and improve audit efficiency and effectiveness,
- Maintains currency of knowledge with respect to relevant state-of-the-art technology, equipment, and/or systems,
- Perform miscellaneous job-related duties as assigned and understanding of business and system processes,
- Work effectively as part of a team atmosphere, or individually when required, to perform duties and achieve daily operational goals.
Minimum QualificationsAny combination of the following:
- Bachelor’s degree, from an accredited college including or supplemented by twenty-four (24) semester credits in cybersecurity, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; and/or
- Two (2) years of experience as an IT Auditor; and/or
- Professional designation in, or ability to begin or complete a program to achieve, one or more of the following certifications:
o Certified Information Systems Auditor (CISA)
o Certified Information Systems Security Professional (CISSP)
o Certified in Risk and Information Systems Control (CRISC)
o Certified in the Governance of Enterprise IT (CGEIT)
o CSX® Cybersecurity Practitioner Certification (CSX-P)
o Certified Information Security Manager (CISM)
o CompTIA Security+
o CompTIA CASP+
o Certified Internal Auditor (CIA)
Preferred Skill