Senior Information Security Auditor (HA-12349719) Manhattan, New York
The Information Security Auditor will join the IT Audit and Compliance team and will be responsible for handling Information Security Audits, ensuring security compliance, and serving as the link between security and the business and clients. This individual will conduct internal business unit risk assessments and vendor/third-party audits. You will also partner with Legal and Compliance on possible regulatory issues and proper use of the client’s product line, which involves working with business units to determine security measures and monitor/follow up on policy violations. Successful candidates will stay current on security and privacy legislation, regulation, and advisories.
5-7 years of experience within IT/audit/information security in the financial industry.
Experience in information security architecture, technical and business compliance controls assessments
Knowledge of the appropriateness of Segregation of Duties in financial applications and of conducting such reviews.
Identifying and assessing security controls within financial trading systems including front and back office operations
Experience with Business Continuity and Disaster Recovery Planning and Audit.
Excellent written, oral communication and presentation skills
Ability to communicate and interact with senior management in an advisory/consultative manner
Some business travel required to accommodate onsite audits and/or reviews
FISMA, HIPAA, Payment Card Industry Data Security Standard (PCI DSS), GLBA, SOX, etc.
Working knowledge and experience in the policy and regulatory environment of information security
Virtualization and Cloud technology
Strong project management skills and the ability to work in a fast-paced environment
Ability to work well in a team environment as well as independently
Perform a risk assessment from a technical and business process standpoint based on a gap analysis of the current state of the company’s transactional trading products.
Organize and lead walkthroughs with technical and business personnel to understand the flow of data
Document the walkthroughs and identify the key technical and business controls.
Assess the key controls identified during the walkthroughs
Document and evaluate automated and manual application controls within the financial applications
Create findings and recommendations based on the controls assessment
Summarize the findings and present the results of the audit to executive management
Education/Certifications/Experience
Bachelor's degree with 5-7 years of work experience or 5 years with advanced degree (MIS, Information Security, or related)
Minimum of 3 years in Information Security Audit/IT Audit/Compliance
Technical: CISSP, CISA or CISM
Financial: FINRA (i.e. Series 7, Series 63 or other) a plus
If you meet the above requirements, please apply to Shelley Leeman at Huxley Associates.