Jobs

Job List

Are you interested in posting a position with us?  Contact us at president@isacasfl.org to add a position here.


Job Posting-------------------------------------------------------------POSTED 7/17/2019


Contact Info for interested candidates:  Brittney Crook, 954-517-6003 or bcrook@rccl.com          

 

Job Title:  Lead, Information Security Third Party Risk

Job Description:

Position Summary:

  • Royal Caribbean Cruises, LTD. (RCCL) is in search of a Lead, IS Third Party Risk in the Information Security & Compliance team to supervise the evaluation and management of risk involving third party solutions and services.
  • The goal of the RCCL Third Party Risk Management (TPRM) program is to create and manage an automated, auditable, repeatable, and demonstrable program to manage third party risk to RCCL information assets.
  • This position assesses the risk of RCCL’s third party providers, tools, systems, and integrations using structured interview processes, questionnaires, review of third party reports on internal control (such as SOC 1/2 reports) and other information security, compliance, and data protection documentation, as well as red-lines in legal contract reviews.

Essential Duties and Responsibilities:

  • Supervise the TPRM program intake, assessment, remediation, and risk acceptance processes.
  • Collaborate with RCCL business sponsors and third parties to initiate, conduct, and close assessments in a timely manner.
  • Analyze internal controls and information security, compliance, and data protection programs of third parties to ensure RCCL policies and standards are adhered to.
  • Ensure potential risks associated with software as a service (SaaS) technologies and interfaces to RCCL information are examined thoroughly.
  • Ensure Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standard (PCI-DSS), Global Data Protection Regulation (GDPR), and other regulatory compliance with third party technologies, services, systems, and integrations.
  • Review and assist with negotiations of third party contracts for information security, compliance, and data protection measures.
  • Communicate assessment requirements with business sponsors and third parties related to the third party selection and onboarding processes to maintain compliance with defined policies and procedures, regulations, and managing risk to RCCL.
  • Manage TPRM tool and associated processes to provide transparent reporting on activities and portfolio management.
  • Interact and collaborate with key personnel in various departments including, but not limited to, Procurement, Information Technology (IT), Legal, Crisis Management, Compliance and Ethics, Human Resources, Internal Audit, and Global Business Management.
  • Participate in established project management office (PMO) protocols to integrate TPRM requirements (initiation, planning, analysis, design, build, test, deploy, closeout, etc.).
  • Performance of other duties and responsibilities as assigned.

Qualifications:

  • Bachelor’s in IT / Information Security, Computer Science, or related discipline is preferred.  Non-technical degrees with Computer Science fundamentals will be considered combined with technology experience.
  • At least one Information Security certification such as Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), etc. required.
  • 5 years work experience in a TPRM role or equivalent.
  • 5 years of IT / Information Security Risk experience.
  • Demonstrated experience in performing audit / compliance assessments.
  • Experience with internal project consulting to provide compliance and security requirements and guidance.
  • Significant experience in SOX and PCI-DSS controls.
  • Experience reviewing and red-lining legal language specific to information security, compliance, and data protection requirements of both RCCL and external third parties for appropriateness.
  • Superior written and verbal communication skills required.

Knowledge and Skills:

  • Displays sound judgement with a high level of integrity, ethics, and ability to calmly, diplomatically, and effectively handle stressful situations.
  • Ability to formulate and communicate exceptions / findings and technical solutions.
  • Proven ability to collaborate with technical and business peers.
  • Demonstrate a degree of creativity with strong, analytical problem-solving skills.
  • Strong with methodologies, tools, best practices and processes related to global TPRM contractual and regulatory requirements.
  • Excellent verbal, presentation, and written communication skills for both technical and non-technical audiences.
  • High familiarity with ISO27001/2, NIST, FISMA, PCI-DSS, and other industry standards and frameworks.

Physical Demands:

  • Ability to receive, express, or exchange detailed information through oral and written communication.
  • Ability to stand, walk, reach, bend, lift and carry up to 25 lbs. of weight (laptop, projector, suitcase, etc.)
  • Ability to be present in the office environment for at least 8 hours per day/40 hours per week.

Work Environment:

  • Fast-paced, fluid, open, and innovative work environment.  
  • Requires flexibility and exceptional interpersonal relationship skills.
  • Requires up to 20% local travel to meet with internal and/or external RCCL business partners.
  • Requires up to 10% international travel to RCCL internal offices and/or RCCL ships.


Job Posting-------------------------------------------------------------POSTED 7/8/2019

Advaion is a team of professionals who enjoy client service and discovering innovative ways to exceed client expectations. Our firm is currently seeking Senior IT Consultants who will be part of a high performing team and serve as a thought leader and subject matter expert in the area of Assurance, specifically IT Audit. Our Senior IT Consultants will deliver a full range of IT audit and consulting services to our clients including Management and Execution of IT Audits, Planning and Conducting Client Interviews for Familiarization, Process Walkthrough, Documentation of IT Control Narratives, Policy and Procedures, SOPs and Key Control Identification Purposes.  

 

Candidates will also be responsible for the collaboration with other engagement team members and overall execution of integrated Audit activities such as Application Control Testing, Segregation of Duties Testing and Evaluation of Financial Key Reports/Queries. 

 

Essential Duties and Responsibilities:

  • Work with organizations to identify and manage business process and IT risks within their strategy execution model.
  • Assist clients in applying key frameworks including COBIT, SOC 2, HITRUST, HIPAA, and NIST.
  • Execute assigned engagements from start to completion which includes planning, execution: documentation & testing and completion: reporting of engagements results and recommendations over issues noted and process improvement opportunities for SOX IT audits, SOC readiness assessments, assurance-related reviews, and Risk-Based audits.
  • Work with assigned team members and client personnel to plan engagement strategy, define objectives, design system-based/automated and manual controls and address technology-related controls risks and issues.  
  • Review information security controls to advise clients on effective, efficient and secure access to the information within their technological environment.
  • Prepare deliverables such as testing workpapers, highly detailed process narratives, policies and procedures and reports that include results, issues noted, trends, recommendations and risks identified through the execution of engagement.
  • Clearly present, communicate and follow-up on information security, technology issues and audit recommendation with top management.
  • Ability to learn new technology concepts quickly and adapt to change.
  • Other duties as assigned.

 

Skills/Experience

  • Bachelor’s degree from a college/university in accounting or information technology related fields are required.
  • Dual experience in Accounting and Information Technology is a plus.
  • Two to five years of related work experience in an IT environment within the Big 4 or large regional firm servicing cross-industry clients at a national level are required.
  • Experience conducting business impact analysis, including process decomposition, risk impact analysis, IT asset analysis and recovery prioritization activities.
  • Information security experience or information security training is required including knowledge on specific requirements regarding security as it applies to data, interfaces, and integration.
  • Have a broad technical background which may include expertise in the following areas: access control software, security architecture and administration, Internet use/firewalls, network security awareness, and enforcement, security policies, and standards, operating systems, applications (Windows, UNIX, AS400, Mainframe, SAP, NetSuite, Oracle, JDE), and databases.
  • Ability to operate as a sole contributor, teammate, and senior simultaneously while leading multiple projects is expected.
  • Strong analytical skills.
  • Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships, are expected.
  • Excellent verbal, written, and presentation skills are required.
  • Excellent computer software skills, including proficiency in Microsoft Office Suite applications are expected.
  • CISA, CISSP, CISM and/or CRISC certifications a plus. 

 

 

Full Benefits – PTO, 100% Health and Dental Coverage, STD, 401k with employer match, office perks such as free lunch Friday’s and unlimited snacks & refreshments

Willingness to Travel – Occasionally

To apply, contact:

Bhuvan Satyaketu

careers@advaion.com

Apply Here



Job Posting-------------------------------------------------------------POSTED 7/8/2019

Organization: 
Florida Department of Transportation Office of the Inspector General
Positions:
Senior IT Auditor
Description:


The Florida Department of Transportation’s Office of Inspector General is in search of a Sr. IT Auditor (Computer Audit Analyst - SES).  There will be multiple positions filled from this advertisement.

The Florida Department of Transportation’s Office of Inspector General is looking for a talented professional to join our team in Tallahassee.  This position will be reporting to the Deputy Audit Director for Performance and Information Technology Audit.  The work conducted by this position includes Information Technology Resource compliance reviews using computer forensic techniques in support of investigations and audits. 

As the IT Auditor, your responsibilities will include: 

  • Coordinates and conducts audits (primarily information technology related), special projects, and reviews of department operations, programs and controls, in compliance with professional and office standards, to promote accountability, integrity and process improvement in the department.  Conducts reviews regarding the management of information technology as well as the technical and functional adequacy of information systems specifications, operations, controls and security in compliance with professional and office standards.  Develops assignment scopes, methodologies, and audit programs.  Prepares, researches and designs evaluations of programs, systems, controls, policies, procedures and other functions using audit and analytical techniques.  Analyzes supporting evidence, draws logical conclusions and develops appropriate findings and recommendations.  When assigned as team leader by the supervisor, organizes and facilitates the work of other team members to ensure the successful completion of the assignment. Also, mentor and help train new audit staff.
  • Prepares thorough, complete and accurate documentation of work performed.   Prepares oral and written briefings.  Prepares draft and final reports. 

 

  • Coordinates and conducts defensible data acquisition and analysis using appropriate evidence and computer forensic techniques. Analyzes supporting evidence, draws logical conclusions and develops appropriate findings and recommendations.

 

  • Maintains knowledge and proficiency in information system technology and techniques.

 

  • Performs procedure reviews.

 

  • Performs other duties as directed.

 

(The link below outlines additional duties and responsibilities)

 

Position Summary

Position: Sr. IT Auditor

Salary range: $50,149.98 - $64,899.98

Hiring Salary: $58,999.98

Closing Date: 07/14/2019

Location: Tallahassee, FL

 

 

Select the link below to see the complete job posting and to apply:

Sr. IT Auditor Advertisement

 

To learn more about the FDOT OIG:

http://www.fdot.gov/ig/



Job Posting-------------------------------------------------------------POSTED 5/29/2019

Company:
Deloitte
Positions:
Senior Consultants and Managers
Description:

Join our leading team working on integrated Cyber Risk solutions, solving the most complex problems of the world’s leading organizations. Our professionals work on Top Client issues, developing & providing Top Solutions with Future Market potential in the below arenas:

 

 - Data Protection(Vormetric/Encryption)
 - Data Recovery/Disaster Recovery
 - Data Risk
 - RedTeaming
 - Vulnerability Management
 - Cyber Hunting & Threat Detection
 - Incident Response
 - Security Operations Center(SOC)
 - Internet of Things(IOT)
  -Secure SDLC
 - Cloud Identity (Centrify, Okta, Ping, MS Azure, AWS, AD)
 - Privileged Access Management(PAM)(BeyondTrust, CA, CyberArk, Thycotic)
 - Sailpoint IdentityIQ
 - Cyber Strategy, Risk & Governance - GRC Archer
 - DevSecOps
 - SAP/Oracle Security & Controls
 - SIEM/SOAR
 - Penetration Testing
 - Splunk

 

Work You’ll Do

As a experienced hire Cyber Risk Consulting professional, you’ll work with our diverse teams of leading professionals to help design and implement solutions to some of today’s toughest cybersecurity challenges so they can achieve business growth and manage risk. You’ll build on your foundations in Information Technology and Business to design and implement business-aligned cyber risk management programs, processes, and systems that help clients focus their investments on key information technology risks.

 

In your role as a experienced Cyber Consulting Professional , you will be part of a team in delivering projects across a variety of cyber topics, including such examples as: 

  • Understand how business functions operate and how industry trends impact a client’s business
  • Assessing or developing an organization’s cyber risk strategy and posture, as it relates to data risk, cyber risk management, cyber risk frameworks and policies, and/or cyber risk measures, methods, and reporting 
  • Strategically drive the development and execution of risk assessments and mitigation plans to enhance the client’s ability to identify, evaluate, prioritize and mitigate risks
  • Implement risk management solutions aligned to the client’s vision and strategic priorities
  • Deliver key messages with clarity, confidence, and poise to instill confidence in clients
  • Drive development and implementation of cyber strategies targeted on key client’s risk and business needs, and enhanced by leading practices
  • Develop impactful reports and presentations that support the achievement of engagement goals and objectives

More Info: https://jobs2.deloitte.com/us/en/job/DELOA003X408642/Advisory-Cyber-Risk-Experienced-Hire-Consulting-Senior-Consultants-and-Managers


Job Posting-------------------------------------------------------------POSTED 5/15/2019

Company:
 Chewy
Position: IT Audit Manager
Description: 

The IT Audit Manager will be responsible for evaluating and making recommendations to ensure that the control environment adequately safeguards the Chewy’s IT and Business environment, ensuring that the electronic information is complete, reliable, and adequately secured.

In this position the IT Audit Manager must be able to understand complex business and IT processes and identify the full range of risks related regulatory compliance, organization, policy, and technology. The person should be comfortable interacting with highly technical software development engineers and business leaders. The IT Audit Manager needs a broad technical background and the ability to learn new technology concepts quickly; and must be comfortable performing as a sole contributor, teammate, and manager concurrently.

The IT Audit Manager will lead the planning, scoping, execution, and reporting of SOX and Risk-Based audits. The IT Audit Manager will also make recommendations to improve the efficiency, security and effectiveness of the IT internal controls and operating processes, as well as compliance with government and industry regulations utilizing IT applicable frameworks (COBIT, NIST, ISO, etc).

In this role, the IT Manager should be able to not just find risks and observations but should be able to translate IT technical risks into business issues and must prioritize findings and recommendations to align with Chewy’s corporate strategy. The role requires the person to build good working relationships with the IT governance team, process owners and management. Also, facilitate multiple stakeholders to agree on appropriate solutions and verify that risks are mitigated appropriately. At Chewy, we value personality, insight, intellectual flexibility, and sound business judgment.

What you'll do:

  • Strong analytical skills. Proven history of analyzing data and situations to identify meaningful observations.
  • Proven history of analyzing IT infrastructure, data points and various IT related situations to identify meaningful observations.
  • Actively manage IT SOX and operational audit scoping, planning, fieldwork and reporting.
  • Strong risk management experience, including performing assessments and audits, designing controls and prioritizing risk.
  • Team-up with other Internal Auditors in the department, manage staff and resources needed to meet and exceed company, department and individual goals.
  • Perform risk-based audit testing, root cause analysis, and prepare audit work-papers as per Chewy’s Internal Audit department and IIA Standards.
  • Lead the analysis and review of key internal control procedures, risk and control matrices, and test plans. This includes updating process related documentation, control testing and deficiency analysis.
  • Experience with DevOps and system implementations.
  • Drive process improvements for greater accuracy, financial control, and efficiency
  • Communicate with co-workers, management, customers and others in a courteous and professional manner
  • Consult with the Company's external auditors and provide assistance as needed during the financial and internal control audit processes

What you'll need:

  • BA/BS in Accounting, Information Systems, Computer Science or a related field
  • Strong analytical skills using analytics applications (Tableau, ACL, IDEA, SQL, etc)
  • Solid understanding of SOX and internal controls 
  • Strong process analysis, risk and control identification, and problem solving skills
  • Sarbanes-Oxley compliance experience
  • Understanding COSO, COBIT and other IT relevant frameworks
  • Good understanding of ITGCs, Technology Infrastructures, and/or Business Application design.
  • Knowledge of information technology frameworks and industry best practices.
  • Strong analytical, project management and organizational skills
  • Ability to work on multiple projects under tight time constraints
  • Ability to deal with imperfect information and ambiguity
  • Ability to network and collaborate cross-functionally
  • Minimum of 5 - 7 years of relevant experience
  • Prior experience with a Big 4 accounting firm preferred, not required
  • CISA, CPA, CIA, or other applicable professional certifications, or candidates for certification desired.
  • Experience with e-commerce, cybersecurity and privacy is a plus.
  • Ability to manage and deliver projects within budget, on time and of high quality
  • Prefers fast-paced environment, displaying flexibility and focus under pressure
  • Team-player and relationship-builder
To Apply:
https://www.chewy.com/jobs/position/1632724?gh_jid=1632724


Job Posting-------------------------------------------------------------POSTED 4/11/2019

Deep Instinct – Solutions Engineer Coverage
Location: Southeast US and Lat Am
Work Location: Home-based, Miami
Position Description:
Deep Instinct is seeking a high-energy, experienced security pre-sales engineer with expertise in the anti-malware space. You should be able to articulate how Deep Instinct products are designed, deployed, and configured. You will be part of a sales team responsible for evangelizing game changing security products in the next generation endpoint and mobile technology space. You should be a self-starter and comfortable working in a fast-paced environment on multiple pre-sales engagements
Position Requirements:
•3 to 5 years’ experience in cyber security, preferably endpoint cyber defense, along with relevant professional certifications
•Partner with Field Sales to pursue new business opportunities and support all aspects and phases of the Deep Instinct sales process
•Evangelize and demonstrate Deep Instinct’s products to prospects, customers, and partners via presentations and product demos
•Demonstrable experience in objection handling and positioning against competitive technologies
•Demonstrable experience speaking to both small and large audiences
•Use concise written and oral communication skills to effectively lead business and technical presentations, demonstrations and conversations with both executives and technical audiences
•Experience with Win, MacOS, and mobile operating systems
•Must have demonstrable experience successfully selling to the mid- to large customers
•Provide 1st-level technical support throughout the sales cycle.
•Provide professional responses to customer RFPs / RFIs
•Hands-on software demonstration experience
•Strong team player who's willing to work hard while having a lot of fun
•Drive the Evaluation/POC process: Properly scope and define evaluation goals•Assess customer requirements/objectives and tailor POC tests and findings accordingly
•Assist prospects with initial configuration and orientation
•Provide product feature input to product management
•Team Oriented and Collaborative.
•Travel up to 50% in region possible.
•Excellent attitude and a self-starter who takes strong accountability for personal results
•5+ years of enterprise Sales Engineering experience selling into the F1000
•BS/BA or equivalent security experience
Excellent writing and presentation skills
Spanish fluency is a must, Portuguese a plus

For more information, contact Yuda Saydun:  yuda@cyvent.com

Job Posting-------------------------------------------------------------POSTED 3/09/2019, Updated 4/26/2019

Senior Information Systems Auditor

The Senior Information System Auditor assists the Information Systems Audit Project Manager in completing projects undertaken by the Office of Internal Audit. Conducts Information Technology (IT) risk assessments and assists in the Development of IT audit plans. Plans and conducts audits of information systems, financial systems, and provides management advisory services.
• Assists the Information Systems Audit Project Manager implementing IT operational and financial audits, internal control reviews, management advisory services and other projects undertaken by the Office of Internal Audit.
• Conducts Information Technology (IT) risk assessments and assists in the development of IT audit plans.
• Plans and conducts audits of information systems, financial systems and provides management advisory services.
• Interprets policies of Florida International University, and other state agencies, the Federal government and other pertinent agencies in relation to the performance of duties.
• Conveys audit results through written reports and conferences. Prepares supporting work papers and drafts reports.
• Initiates follow-up reviews as needed.
• Provides information technology support for the office by helping maintain hardware and software integral to audit processes and audit management.
• Determines compliance with applicable laws, rules, regulations and policies for areas under examination. Makes recommendations for improvements continuous.
• Performs other related duties and tasks as they relate to the operations of the Office of Internal Audit. The omission of specific duties does not preclude the supervisor from assigning duties that are logically related to the position.

Minimum Qualifications:
• Bachelor's degree in a related field and four (4) years of experience or a Master's degree in a related field and two (2) years of experience.
• Certified Information Systems Auditor (CISA) - must be obtained within six months of hire date.

Desired Qualifications:
• Certified Information Systems Administrator (CISA)
• Certified Information Security Manager (CISM)
• Certified in Risk and Information Systems Control (CRISC)
• Certified Information Systems Security Professional (CISSP)

Advertised Salary - $70,000-$76,000

To learn more about this opportunity, visit our site at careers.fiu.edu and search for 517629.

Clery Notice
In compliance with the Jeanne Clery Disclosure of Campus Security Policy and Crime Statistics Act, the University Police department at Florida International University provides information on crimes statistics, crime prevention, law enforcement, crime reporting, and other related issues for the past three (3) calendar years. The FIU Annual Security report is available online at: https://police.fiu.edu/wp-content/uploads/sites/54/2016/04/Campus_Security_Report__Safety_Guide.pdf. To obtain a paper copy of the report, please visit the FIU Police Department located at 885 SW 109th Avenue, Miami, FL, 33199 (PG5 Market Station).

Pay Transparency
Florida International University will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information.

FIU is a member of the State University System of Florida and an Equal Opportunity, Equal Access Affirmative Action Employer all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

Contact: Adele Mann, admann@fiu.edu, 305-348-9462


Job Posting-------------------------------------------------------------POSTED 3/07/2019


Auditor, Information Technology

Closing Date 3/24/19-11:59PM EST

Salary Depends on Qualifications

Full-Time Regular

Gainesville, Florida

 

The City of Gainesville's Auditor's Office is seeking a dynamic and experienced individual who is innovative and forward thinking to perform internal audits of the City's Information Technology (IT) operations.

 

The tasks to be performed may include but not be limited to, assessing the effectiveness of the IT control environment to help reduce the risk of ineffective IT processes adversely impacting the City and to increase the reliability and integrity of data and information; testing general computer controls (e.g.., logical security and program change control for operating system, database, application and network environments, computer operations, and datacenter physical security), as well as business cycle controls and IT application testing; conducting informational interviews with auditees for familiarization, process walkthrough, and key control identification purposes; and developing audit test steps or programs to ensure control areas provide comprehensive coverage.

 

To be considered for this position you must have a Bachelor's degree from an accredited college or university in Computer Science, Management Information Systems, Accounting or related field; and four (4) or more years of progressively responsible internal and/or external Information Technology experience.

 

Notes: 

  • Experience using Audit Command Language (ACL) is preferred.
  • Experience working with some or all of the following is preferred: Windows server environments, relational database management systems (RDBMS) such as Oracle and SQL, UNIX operating systems, Microsoft Active Directory, and SAP software. 
  • COBIT, ITIL, ISO/IEC 27000, or SOC knowledge is preferred.
  • A Certified Information Systems Auditor (CISA) or a Certified Information Systems Security Professional (CISSP) certification is preferred and may substitute for a maximum of two (2) years of the required experience.
  • A Valid U.S. Driver License required upon appointment


Job Posting-------------------------------------------------------------POSTED 2/28/2019

Company:                              Laureate Education, Inc.
Job Title:                               Manager, IT Internal Audit
Reports To:                           Director, IT Internal Audit
Department:                         Internal Audit
Location/Unit:                      Baltimore, MD or Miami, FL
Date Revised:                       12/11/2018

 

Job Purpose:                     
 Serve as a thought leader and subject matter expert in the area of assurance, and specifically IT audit. Provide commentary and relate industry best practices and emerging trends to continually improve the organization’s IT capabilities and contribute extensively to the continuous identification, evaluation and remediation of technology-related risks.
 Individual would be responsible for the management and overall execution of IT assurance-related activities, which include but are not limited to IT Compliance Audits, Cybersecurity and Privacy Audits, Vulnerability and Penetration Audits, Infrastructure Audits, and Pre/Post-Implementation Reviews. The individual would also be responsible for the collaboration with Financial/Operational peers and overall execution of integrated assurance activities.
 Individual will also be responsible for supporting strategic business initiatives by advocating and enhancing the risk and control environment, and when appropriate, engaging, managing and reviewing the work of outside consultants/advisors.
 This person will be required to manage the development of analysis, reports, recommendations and insights gained from assurance-related activities and discover meaningful patterns that may be indicative of pervasive technology issues.
           

Responsibilities:   

  • Develop strong working relationships and foster effective communications with audited units, including IT and business areas, and internal audit management
  • Execute the review of all work papers, ensure audits are performed within the time budget allotted
  • Present, discuss and follow-up audit recommendations with Top Management
  • Assignment of staff, planning supervision and oversight of specific and simultaneous IT audits
  • Propose new audit techniques and procedures to improve effectiveness/efficiency of audits
  • Ensure compliance with Laureate’s policies and procedures, applicable laws and regulations, and keep current on compliance-related areas
  • Prepare deliverables/reports for review by the IT Audit Director that include thematic issues, trends and other micro/macro level risks identified through the execution of IT audits and other assurance-related activities
  • Ongoing assessment and completion of internal audit staff performance appraisals, promotion recommendations, and professional development
  • Manage the periodic QA of IT audits and make suggestions on how to improve consistency as well as our overall approach to delivery
  • Participation in the overall development of the annual audit plan.
  • Continuously educate stakeholders on how audit initiatives and risk management can help them achieve their business goals and influence them to take action based on audit findings.
  • Serve as an on-going subject matter expert in the area of technology and corresponding new capabilities
  • Maintain internal audit competency through ongoing professional development
  • Take responsibility for coaching/mentoring and the continuous development of respective teams
  • Perform other duties as assigned by either the Chief Risk Officer, Global Head of Internal Audit or the Director of IT Internal Audit

Qualifications, Training & Experience:

  • BA/BS degree required and Master’s Degree preferred (coursework in areas of study, including but not limited to decision information sciences, computer science, computer engineering, management information systems, business, accounting, or finance).
  • 7-10 years of related work experience;
  • 5+ years of related audit or applicable business experience; 2 or more years in a management role and 3 years of public accounting experience preferred.
  • CISA, CISSP, ITIL, CIA, or CPA/CA certification required. Based on an individual's professional background, area of specialization, or industry focus, we recognize that other certifications, credentials, or experience may be more relevant than the listed certifications and therefore may be acceptable substitutes that will be given consideration upon further discussions.
  • Higher Education industry experiences a plus.
  • An in-depth understanding of core information technology processes and controls, current trends in corporate information technology and emerging themes in the market place.
  • Advanced knowledge of commonly used internal control frameworks, including COSO and COBIT.
  • Advanced knowledge of audit methodologies and developing key internal audit deliverables, including process flows, work programs, audit reports, and control summaries.
  • Advanced knowledge of The Institute of Internal Auditors (IIA’s) code of ethics and compliance requirements.
  • Ability to handle complex projects in a multi-tasking environment, meeting deadlines and interacting with individuals at all levels within the organization.
  • Strong oral and written communication and interpersonal skills to successfully build long-term relationships with colleagues and business partners.
  • Experience working in diverse multicultural environment.
  • Strong organizational and time management skills.
  • Proactive attitude, fast learner, and team player.
  • English and Spanish proficiency required (speak, read and write);