Information Systems/ Security Auditor

2T Consulting

New York, NY

Posted On: Dec 16, 2024

Posted On: Dec 16, 2024

Job Overview

Job Type

Contract - Corp-to-Corp, Contract - Independent, Contract - W2

Experience

4 - 8 Years

Salary

Depends on Experience

Work Arrangement

On-Site

Travel Requirement

0%

Required Skills

  • compliance
  • IT security
  • security auditing
Job Description
Job Responsibilities
  • Collect and document audit evidence through data sampling and review of IT systems for compliance and security.
  • Evaluate the effectiveness of technical, administrative, and physical controls within the organization’s information systems.
  • Assess policies, standards, and procedures for compliance, control design strength, and operational effectiveness.
  • Examine technical documentation (e.g., architecture diagrams, data flow diagrams, engineering change tickets) for alignment with security policies.
  • Prepare audit reports, highlight findings, and provide recommendations for enhancing controls and compliance.
  • Critical System Review: Audit critical IT systems for security and compliance.
  • IT Cyber Routine Work Sample Review: Review routine cyber security tasks to ensure adherence to policies.
  • Engineering Modification Review: Assess engineering modifications for security and compliance impact.
  • Vulnerability Management Review: Evaluate vulnerability management processes, including scanning, patching, and remediation.
  • IT Cyber Training Program Health Review: Assess the effectiveness of IT cyber security training programs.
  • Critical Asset Work Order Review: Review work orders related to critical IT assets to ensure security and compliance.

 

Job Qualifications
  • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field.
  • Minimum 3-5 years of experience in IT auditing, security auditing, or related roles.
  • Experience in evaluating and auditing control environments, policies, and technical documentation.
  • Strong understanding of IT systems, security controls, and vulnerability management practices.
  • Hands-on experience with audit tools, risk management frameworks, and compliance standards (e.g., NIST, ISO, SOC, GDPR).
  • Strong knowledge of IT and information security frameworks (e.g., NIST, ISO 27001).
  • Ability to read and understand technical documentation (network diagrams, system architecture, etc.).
  • Experience in assessing vulnerability management, patch management, and remediation processes.
  • Certifications: One or more of the following certifications preferred:
    • Certified Information Systems Auditor (CISA)
    • Certified Information Security Manager (CISM)
    • Certified Ethical Hacker (CEH)
    • Certified Information Systems Security Professional (CISSP)

Job ID: 2C240500

Posted By

Shayne

Sr. Recruiter