Roles and Responsibilities
In this role, you will:
- Assess the effectiveness of IT controls, processes, and systems against regulatory, operational, and compliance standards.
- Perform data analytics to identify risks, trends, and anomalies within IT environments.
- Develop and optimize audit analytics scripts, dashboards, and methodologies to enhance audit efficiency and insights.
- Prepare and present assessment findings to a cross-functional audience
- Prepare comprehensive audit findings and recommendations, communicating results to senior stakeholders effectively
- Provide practical recommendations to remediate control gaps
- Engage business units, IT teams to remediate control gaps.
- Participate in compliance related activities such as audits, issue remediation, supplier coordination
- Communicate common information security themes and control gaps identified
- Coordinate across multiple functions to ensure appropriate sustainable actions are taken for gap remediation
- Establish operating rhythm with Business Units to report out on key metrics including status of assessments and issue management
- Stay current and utilize industry standards and best practices to drive improvements to our security posture
- Stay abreast of emerging technologies, industry trends, and advancements in IT audit and analytics tools
- Support education of our stakeholders, application teams, providing guidance and sharing best practices to develop their skills and expertise.

Education Qualification
- Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) with advanced experience.
- Minimum 3 years IT Audit/Security Audit/IT Compliance/IT Risk analysis experience
- Experience with advanced analytics, data analysis
- Understanding of IT technologies, standards and how to apply them

Desired Characteristics
- Internationally recognized information security/IT Audit certification/qualifications such as CISSP, CISA, GSNA, GSAE, or CCNA
- Solid understanding of IT processes
- Experience performing IT Audits or Security Assessments in a regulated environment (i.e. Financial Services, Healthcare companies)
- Detailed understanding of industry accepted Information Security and IT governance standards (i.e. COBIT, ISO, NIST)
- Awareness and experience with industry regulations (i.e. HIPAA, Export control, PCI)
- Proven ability to execute across multiple locations and stakeholder groups
- Ability to work cross-functionally
- Ability to influence others effectively across a matrixed organization
- Excellent analytical / technical skills
- Strong oral communication, business writing, presentation and facilitation skills
- Coordinate efforts in line with the "bigger picture" to maximize the overall value of IT service delivery and demonstrated history resolving conflicts in priority
- Awareness of and ability to deliver compliance requirements
- Excellent written and verbal communication skills and ability to interface and influence at all levels in the organization
- Demonstrated ability to excel in a global matrix organization
- Ability to learn complex systems and business processes and define requirements for solutions
- Experience working with healthcare specific legal and regulatory requirements

Note
To comply with US immigration and other legal requirements, it is necessary to specify the minimum number of years' experience required for any role based within the USA. For roles outside of the USA, to ensure compliance with applicable legislation, the JDs should focus on the substantive level of experience required for the role and a minimum number of years should NOT be used.
This Job Description is intended to provide a high level guide to the role. However, it is not intended to amend or otherwise restrict/expand the duties required from each individual employee as set out in their respective employment contract and/or as otherwise agreed between an employee and their manager.
Relocation Assistance Provided: No