Job List

Are you interested in posting a position with us?  Contact us at to add a position here.

Job Posting-------------------------------------------------------------POSTED 11/4/2021


JM Family Enterprises, Inc. is one of the largest, most innovative and diversified companies in the automotive industry. JM Family has been on Fortune Magazine's Best Companies to Work For for 23 consecutive years. What started with Jim Moran's passion for selling cars continues today with the dedication and hard work of every JM Family associate. Our principal businesses focus on vehicle distribution and processing, finance and insurance, retail vehicle sales, and dealer technology services. At JM Family, our mission is to be the premier provider of quality products and services. We accomplish this mission by adhering to our core values, the three C’s, the I and the A: Consideration, Cooperation, Communication, Innovation, and Accountability.

Job Description

JM Family is seeking a Lead IT Auditor at our corporate headquarters in Deerfield Beach, FL. This role is a great opportunity for someone who is an experienced IT auditor. In this role you will execute internal audits for IT and other business units as well as integrated IT/process reviews and consultations. A Lead Auditor must have extensive audit experience with specialized depth and / or breadth of expertise in IT auditing. This position conducts internal audits under the general direction of Internal Audit Management and in compliance with audit standards, schedules, and any related statutes. This position creates work programs and may train and assign work to less experienced team members, reviewing work activities and job performance, and counseling subordinates on the conduct of audit work. A Lead Auditor is recognized by business partners as having specialized expertise and recommends standards and long-term goals for the areas audited, as well as methods to improve the operational efficiency of audits. This position may handle sensitive, unusual or complex audits where a broader knowledge of auditing is required. A Lead Auditor is able to work independently and take a broad perspective to identify solutions, requiring guidance only in the most complex situations. This position may conduct preliminary reviews of audit reports completed by less experienced team members and approves or makes recommendations to management. This position requires a professional with a degree, a professional internal audit or related qualification, and at least 5 years of experience.


Under direction of Internal Audit Management, and in accordance with the JM Family Enterprises, Inc. (“JMFE”) Internal Audit Group Charter, Audit Leads will be responsible for Third Line of Defense activities, including the execution of the JMFE audit plan.


Responsibilities include, but are not limited to:

  • Regular communication / networking with associates at multiple levels throughout the organization for the purpose of ongoing relationship building to facilitate audit work and continuous risk assessment, monitoring, and information gathering.
  • At the direction of Internal Audit Management, assist in the completion of the risk assessment process.  This includes collaboration with associates in the Second Line and First Line of Defense, conducting interviews, assessing risks identified, and helping develop and present the annual audit plan to Senior Management.
  • Planning and conducting audits as assigned by Internal Audit Management and according to internal audit procedures. This includes:
    • Maintaining independence and objectivity as described in the JMFE Internal Audit Group Charter in order to be able to evaluate the effectiveness of governance, risk management and control processes.
    • Leading and coordinating assigned audits and/or projects to ensure timely completion.
    • Executing audit planning based on audit objectives. Gather information to identify high/critical risks. Document walk-through procedures and identify key controls and control gaps in either a flowchart or narrative form as appropriate.  Develop and present the Risk and Controls Matrix (“RCM”) to Internal Audit Management to facilitate testing.
    • Conducting Fieldwork procedures as guided by the RCM. This will include determining the population and sample size for testing and creating test attributes to determine if controls are operating and functioning as designed.
    • Documenting test work, audit findings, and conclusions with associated business risks and making recommendations to enhance internal controls and/or identify opportunities for improved efficiencies.
    • Presenting audit findings and recommendations to all levels of management.
    • Obtaining responses to the audit findings and ensuring the responses address the identified control/process deficiencies.
    • Preparing audit reports and other management communications (e.g., Audit Committee presentation slides) that summarize and rank the audit findings and recommendations as well as associated business risks.
  • Perform periodic follow-up on audit findings with the business to ensure that all management action plans have been completed timely.
  • Build effective working relationships with co-source partners when assigned to co-sourced engagements. This includes acting as the liaison between the co-source partner and business area auditee, assisting in scheduling meetings with the auditee and ensuring that co-source partners receive adequate cooperation and information from the business for them to perform their audit in a timely manner. In addition, meeting periodically with co-source partner to discuss progress, updating Internal Audit Management and assisting in review of the final audit report or other deliverables.  Ensure established vendor management procedures for the department are followed.
  • Ability to prioritize and work on multiple concurrent audits and projects as requested.
  • Complete administrative responsibilities as requested or assigned by Internal Audit Management (e.g., time reporting, system user access reviews, records retention activities).

Competencies of a Lead Auditor:

  • In addition to the tasks listed above, a Lead Auditor is expected to exhibit the competencies of a professional auditor outlined in the IIA’s Global Internal Audit Competency Framework.  These competencies encompass personal skills such as, communication, critical thinking, persuasion and collaboration, as well as technical expertise, including those highlighted by the IIA Professional Practices Framework such as: business acumen, governance, risks and control.   

Job Requirements

About You:

  • Bachelor’s degree in Computer Information Systems, Accounting, or similar major preferred.  Master’s degree a plus.
  • Active CISA required as well as CPA, CIA or related certification preferred.
  • Minimum five years of IT auditing in public accounting, internal audit, or equivalent work experience required.
  • Demonstrated knowledge of the audit field, and a broad expertise in information technology auditing, including the areas of application controls, asset management, change management, data privacy, data protection, disaster recovery and business continuity, logical security, network security, and vulnerability management.
  • Understanding of the COBIT, NIST, COSO, and/or COSO ERM frameworks.
  • Knowledge of key IT risks, controls, and ability to use technology-based audit techniques. Demonstrated knowledge of project management skills.
  • Strong process analysis, risk and control identification and problem-solving skills
  • Excellent computer skills with emphasis on Microsoft Excel, Word, Power Point, Visio and ACL. Experience with TeamMate or other audit management systems a plus.
  • Experience with data analytics, including related software applications, such as ACL or Power BI, is a plus.
  • Self-motivated with strong leadership skills and ability to make decisions independently.
  • Ability to work both independently and as part of a team.
  • Professional demeanor and ability to work effectively with all levels of management and maintain strict confidentiality.
  • Must possess strong analytical abilities as well as strong verbal and written communication skills.
  • Ability to travel when required.

Job Posting-------------------------------------------------------------POSTED 08/17/2021


Principal Engineer - Cloud Security Technology Operations - Telecommute


Cloud Professionals - don't miss this opportunity to join U.S. Bank and WFH; apply at the link provided below!

Be part of something big, a place where you're challenged to be your best. 

Where integrity matters and success inspires, where great people collaborate, innovate, and give back. 

Where you feel included, valued, and proud. 

Apply now at:
#cybersecurity #cloudsecurity #Cloud #usbank #usbanklife #careers #security #cloud #opportunity2021 #WFH

Job Posting-------------------------------------------------------------POSTED 07/26/2021

Greenberg Traurig, a global law firm, currently has excellent full-time employment opportunities for IT Risk and Compliance Analyst in our Doral, Phoenix, Austin, Salt Lake City, Miami, Dallas, Tallahassee and Atlanta offices.  We offer competitive compensation and an excellent benefits package.

Position Summary:

The IT Risk and Compliance Analyst will provide administrative and technical assistance in the ongoing design, development, and management of the firms’ Information Security Program. This position will primarily assist in developing, monitoring, and enforcing information security practices and controls to ensure information and computing assets are kept secure from unauthorized access and inappropriate alteration.

Duties & Responsibilities:

  • Complete vendor risk assessments submitted to GT by clients and prospective clients.
  • Respond to client Requests for Proposals (RFPs) and questionnaires related to security.
  • Perform information security due diligence on third party vendors to determine the effectiveness of their controls to protect the firm’s data, identify any discrepancies and escalate all issues to management.
  • Develop, implement, assign, and monitor third party vendor assessments
  • Execute and document assessment activities following established processes and procedures.
  • Perform third party online reviews to assess their current information security posture and practices.
  • Improve existing questionnaire response process
  • Keep abreast of regulatory and compliance related information to enhance the third-party due diligence program.
  • Collaborate with team members to create and update documents and presentations that can be used to inform internal employees, external auditors or internal auditors about the Firm’s Information Security third party program.
  • Contribute to the continuous improvement, including automation where possible, of all aspects of the Information Security Program based on expert knowledge, industry best practices, business objectives and risk tolerance, keeping the program relevant and in alignment with the business objectives.
  • Provide threat notification to third party vendors
  • Track vendor mitigation progress of identified threats
  • Assist in development, implementation, monitoring and support of access control, data confidentiality, system integrity, system reliability, system audit and recovery controls.
  • Coordinate, execute, and provide support with Information Security & Business projects.
  • Develop and update security policies, procedures, and best practices.
  • Assist in the management & monitoring of the firm’s Information Security Program.
  • Collaborate with other departments to resolve security related issues and incidents.
  • Collaborate with other business units to ensure compliance to standards and policies.
  • Perform penetration tests, application & vulnerability assessment scans.
  • Actively participate in outside Information Security communities.
  • Conduct security research and knowledge of current security events in order to keep abreast of latest issues.
  • Assist in the development, management & maintenance of the Information Security Awareness Program.
  • Identify Information Security & Business Continuity risks to senior management & make recommendations for corrective actions/mitigation of risks.
  • Perform other related duties as required / assigned.

Skills & Competencies:

  • Understanding of information security (IS) concepts, IT, information security awareness and third-party risk management processes, methodologies, and practices.
  • Proficient knowledge of third-party related regulatory policies.
  • Experience working with compliance issues dealing with sensitive data preferred.
  • Working knowledge of operating systems, web applications, penetration testing, anti-spam solutions, web content filtering solutions, threat analysis, risk, and vulnerabilities.
  • Ability to use the following security systems: vulnerability scanners, data loss prevention (DLP), and log management tools.
  • Working knowledge of core security concepts such as encryption, DLP, patch management, configuration management, vendor risk management, and vulnerability assessments.
  • Ability to investigate security incidents using all available tools, logs, and coordination with various IT groups.
  • Demonstrate strong customer service skills to ensure a smooth data collection experience for both our customers and our internal business unit partners
  • Excellent written & verbal communication skills.
  • Must be available in an on-call status 365/24/7.
  • Must be able to work independently without direct supervision at times.
  • Must be able to take own initiative.

Qualifications & Prior Experience:

  • Bachelor’s degree in information security related field required; or 3+ years of work experience in relevant information security position in lieu of degree.
  • 1-3 years of experience in implementing and/or supporting IT risk management processes.
  • 1-3 years of experience in responding to vendor risk assessments submitted
  • 1-2 years of experience with DLP and SIEM systems
  • Knowledge of risk assessment/management tools
  • Multi-year experience in Information Security
  • IT security related certificates (e.g. Security+, CRISC, CISA, CRCP, SSCP/CISSP) preferred

Job Posting-------------------------------------------------------------POSTED 06/21/2021

IT Security Architect

As a senior member of Information Security team this enterprise-wide role is integral in defining and assessing the organization's security strategy, architecture and practices. The enterprise security architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services, evaluate and incorporate emerging technologies and evaluate changes to the threat landscapes. Interacts with senior leaders across the enterprise and acts as a trusted senior advisor. 

  • Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
  • Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
  • • Develop security strategy plans and roadmaps based on sound enterprise architecture practices
  • Develop and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
  • Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
  • Participate in application and infrastructure projects to provide security-planning advice
  • Assist in the development of security technology standards and patterns that will be utilized within the environment
  • Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection
  • Review network segmentation to ensure least privilege for network access
  • Liaise with the Third Party Risk Management (TPRM) team to conduct security assessments of existing and prospective vendors
  • Liaise with the IT Security GRC team to review and evaluate the design and operational effectiveness of security-related controls
  • Support the testing and validation of internal security controls
  • Review security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metrics


  • A minimum of 7-10 years of experience in a related field or equivalent experience in the
  • Strong oral and presentation skills
  • In-depth knowledge of cybersecurity frameworks  including  but  not  limited to NIST CF, HITRUST CSF, ISO 27001
  • Strong knowledge of laws and regulations including but not limited to PCI­ DSS, HIPAA-HITECH
  • Experience in using architecture methodologies such as SABSA, Zachman, or TOGAF
  • Direct, hands-on experience or strong working knowledge of managing security infrastructure g., firewalls, intrusion prevention systems (IPSs), web application firewalls (>NAFs), endpoint protection, SIEM and log management technology
  • Strong working knowledge of vulnerability management practices and tool
  • Direct experience designing 1AM technologies and services such as AD, LDAP, and/or AWS 1AM
  • Strong working knowledge of IT service management- lTIL related services

- Change management, Configuration management, Asset management, · Incident management, Problem management, etc.

  • Experience designing and securing applications and infrastructures in cloud environments such as AWS and/or Azure
  • Bachelor's degree in Computer Science or related field or equivalent experience required
  • Multiple certifications preferred

Marlene Eskenazie
Founder - Executive Recruiter

ETC Search, Inc.
1160 Third Avenue
Suite 10H
New York, NY 10065
Tel: 212-371-3880

Job Posting-------------------------------------------------------------POSTED 05/12/2021

Royal Caribbean Group is in search of a Lead, IS Risk Assessments within the GIS department to supervise the evaluation and management of risk involving systems and applications.

The goal of the IS Risk Assessment program is to create and manage an automated, auditable, repeatable, and demonstrable program to manage information security risk to Royal Caribbean Group information assets.

This position assesses the risk of the group's applications and systems using structured interview processes, questionnaires, and review of security, compliance, and data protection documentation.

Essential Duties and Responsibilities:

  • Supervise the IS risk assessment program intake, assessment, remediation, and risk treatment processes
  • Create and introduce advanced processes and methodologies of IS risk assessments
  • Improve IS risk management processes based on changing requirements.
  • Lead discussions on the history and future perspective of IS risk assessment programs
  • Lead the establishment of organizational IS risk management policies.
  • Analyze application and system controls, documentation, and settings to identify information security risks to RCG
  • Predict security issues and their potential impact on customer operations.
  • Ensure potential information security and regulatory compliance risks (such as Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standard (PCI-DSS), etc.) associated with systems and applications are examined thoroughly, documented, communicated, treated, and monitored
  • Create enterprise-wide systems and practices for securing information
  • Collaborate with RCG business sponsors, technology departments, and third parties (where applicable) to communicate requirements, initiate, conduct, and complete risk assessments in a timely manner
  • Interact and collaborate with key personnel in various departments including, but not limited to, Procurement, technology departments, Legal, Crisis Management, Compliance and Ethics, Human Resources, Internal Audit, etc
  • Manage and assist in developing and onboarding IS risk assessment tools, templates, and associated processes to provide transparent reporting on activities and portfolio management.
  • Participate in established project management office (PMO) protocols to integrate IS risk assessment requirements (initiation, planning, analysis, design, build, test, deploy, closeout, etc.)
  • Performance of other duties and responsibilities as assigned

Qualifications, Knowledge, and Skills:

  • Bachelor's in IT / IS, Computer Science, or related discipline is preferred. Non-technical degrees with Computer Science fundamentals will be considered combined with technology experience
  • At least one Information Security certification such as Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), etc. required
  • 5 years of IT / IS Risk experience
  • Demonstrated experience in performing audit / compliance assessments.
  • Experience with internal project consulting to provide compliance and security requirements and guidance
  • Significant experience in SOX, PCI-DSS, Global Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA) and other regulatory compliance requirements and controls
  • Superior written and verbal communication skills required
  • Display sound judgement with a high level of integrity, ethics, and ability to calmly, diplomatically, and effectively handle stressful situations.
  • Ability to formulate and communicate exceptions / findings and technical solutions
  • Proven ability to collaborate with technical and business peers.
  • Demonstrate a degree of creativity with strong, analytical problem-solving skills
  • Self-starter able to perform assessments with minimal guidance.
  • Strong with methodologies, tools, best practices and processes related to IS risk assessments
  • Ability to work in a fast-paced environment with multiple active projects at one time
  • Exceptional work ethic and organization skills with a detail oriented approach
  • Excellent verbal, presentation, and written communication skills for both technical and non-technical audiences
  • High familiarity with ISO27001/2, NIST, FISMA, PCI-DSS, and other industry standards and frameworks
  • Fast-paced, fluid, open, and innovative work environment.
  • Requires flexibility and exceptional interpersonal relationship skills.
  • Requires up to 20% local travel to meet with internal and/or external RCG business partners.
  • Requires up to 10% international travel to RCG internal offices and/or RCG ships.

Apply today:

Job Posting-------------------------------------------------------------POSTED 05/12/2021

The Florida Department of Transportation’s Office of Inspector General is looking for a talented professional to join our team in Tallahassee.  This position will be reporting to the Performance and Information Technology Audit unit. 



As the Sr IT Auditor, your responsibilities will include: 


  • Coordinates and conducts audits (primarily information technology related), special projects, and reviews of department operations, programs and controls, in compliance with professional and office standards, to promote accountability, integrity and process improvement in the department.  Conducts reviews regarding the management of information technology as well as the technical and functional adequacy of information systems specifications, operations, controls and security in compliance with professional and office standards.  Develops assignment scopes, methodologies, and audit programs.  Prepares, researches and designs evaluations of programs, systems, controls, policies, procedures and other functions using audit and analytical techniques.  Analyzes supporting evidence, draws logical conclusions and develops appropriate findings and recommendations.  When assigned as team leader by the supervisor, organizes and facilitates the work of other team members to ensure the successful completion of the assignment. Also, mentor and help train new audit staff.


  • Prepares thorough, complete and accurate documentation of work performed.   Prepares oral and written briefings.  Prepares draft and final reports. 


  • Coordinates and conducts defensible data acquisition and analysis using appropriate evidence and computer forensic techniques. Analyzes supporting evidence, draws logical conclusions and develops appropriate findings and recommendations.


  • Maintains knowledge and proficiency in information system technology and techniques.


  • Performs procedure reviews.


(The link below outlines additional duties and responsibilities)


Position Summary

Position: Sr IT Auditor (Computer Audit Analyst- SES)

Anticipated Annual Hiring Salary: $60,770.06

Closing Date: 05/19/2021

Location: Tallahassee, FL



Select the link below to see the complete job posting and to apply:

Position 55000743  Sr IT Auditor – Performance and Information Technology Section


To learn more about the FDOT OIG:

Job Posting-------------------------------------------------------------POSTED 05/12/2021

Varonis, a global leader in data security software is looking to hire a Sales Engineer in South Florida. Applicants should visit to apply.



The Sales Engineer is responsible for assisting a Sales Representative and Partners with the technical sales activities in net-new and pre-existing opportunities.


The Varonis Sales Engineer will be aligned with a local Sales Representative. The goal will be to deliver the technical value of the Varonis product to the end-user. As a team, the goal will be to build a strong business justification to the end-user, while ensuring that the given annual quota is met/exceeded.



  • Understand customer requirements and integrate Varonis solutions into the customers’ environment.
  • Deliver sales presentations, present technical information about Varonis’ products and services, and conduct product demonstrations.
  • Manage all phases of product evaluations including installations, presenting at seminars, responding to RFP’s and RFI’s and the technical development of Varonis Partners.
  • Ability to work independently and team collaboratively in a fast-paced environment.
  • Ability to articulate the importance of Data Governance and evangelize Varonis as the leader in the Data Governance market to end-users of all levels.
  • Percent of travel varies by territory.



  • Bachelor’s Degree or equivalent from a four-year College or Technical School AND 3-5 years of experience in a customer facing role OR equivalent combination or education and experience.
  • Strong written, oral, and presentation skills.
  • Ability to discuss highly technical concepts to all audiences, ranging from non-technical to executive level technical decision makers.
  • Extensive knowledge of Active Directory and related Directory services.
  • Extensive knowledge of Windows and Unix File systems.
  • Exposure to security hardware and software.
  • Exposure to Microsoft O365/Exchange and cloud platforms preferably in a systems administration role.
  • MCSE, MCP Microsoft Certifications are preferred.



To perform this job successfully, an individual should demonstrate the following competencies:

  • Analytical: Collects and researches data; designs workflows and procedures; identifies data relationships and dependencies; synthesizes complex or diverse information; uses intuition and experience to complement data.
  • Technical Skills: Assesses own strengths and weaknesses; strives to continuously build knowledge and skills; shares expertise with others.
  • Sense of Urgency: Displays a matter of utmost urgency; understands the importance of making critical business decision in a timely manner with strong attention to detail; realization that efficiency and prioritization is critical to success.
  • Customer Service: Manages difficult or emotional customer situations; meets commitments; responds promptly to customer needs; solicits customer feedback to improve service.
  • Problem Solving: Identifies and resolves problems in a timely manner; gathers and analyzes information skillfully; develops alternative solutions.
  • Written Communications: Edits work for spelling and grammar; presents numerical data effectively; varies writing style to meet needs; writes clearly and informatively.
  • Oral Communication: Demonstrates group presentation skills; listens and gets clarification; responds well to questions; speaks clearly and persuasively.
  • Adaptability: Adapts to changes in the work environment; manages competing demands; changes approach or method to best fit the situation; able to deal with frequent change, delays, or unexpected events.
  • Planning/Organizing: Prioritizes and plans work activities; uses time efficiently; plans for additional resources; sets goals and objectives; develops realistic action plans.