| Technology Risk Security Analyst---Charlotte, NC hybrid at Charlotte, North Carolina, USA |
| Email: harsh.kashyap@tekinspirations.com |
|
From: Harsh Kumar Kashyap, TEK Inspirations LLC harsh.kashyap@tekinspirations.com Reply to: harsh.kashyap@tekinspirations.com Job Description -Technology Risk Security AnalystHybrid - Location: Charlotte, NCHybrid: 3 Days Onsite Tue - ThursdayThe team is seeking candidates with robust IT audit experience, specifically those who have evaluated both the effectiveness and design of controls. Ideal candidates should be able to distinguish between tested effectiveness and tested design, particularly within the context of operational effectiveness in risk and audit.Many applicants have primarily conducted non-IT audits or worked alongside information security professionals in a liaison role, without direct testing experience. Some claim to have testing experience, but it's evident that there is a gap in knowledge and skills. Basic SOX testing experience, which focuses on access management and general controls, is not sufficient for the broader scope of IT auditing they require.Key Qualifications: IT Audit Experience: Must have a traditional IT audit background, preferably with experience in technology auditing within banks. The team functions as the first line of defense, necessitating someone with a strong foundation in IT auditing. 2-4 years of experience in performing audits for Technology or Cybersecurity, Audit, Compliance, and/or Risk Management Knowledge Across Multiple Principles: Candidates should possess a broad knowledge base, including: Vulnerability management Identity and access management Capacity management SDLC (Software Development Life Cycle) Data classification Industry Knowledge: Ability to understand and identify controls and risks within processes, evaluate their design and effectiveness, and document findings. Analytical Skills: Capability to conduct walkthroughs with process owners or subject matter experts, assess alignment with industry practices and standards, identify red flags, and ensure proper risk management.Soft Skills: Ability to work semi-independently within a team environment, avoiding power struggles and collaborating on larger projects. Strong written and verbal communication skills.Additional Considerations: Financial industry experience is beneficial but not required. Familiarity with industry frameworks will be necessary for the job. Open to candidates from Charlotte Relevant certifications such as CISM, CISSP, CRISC, or CISA are highly desirable.Interview Process: There will be at least two interviews. Depending on the initial interview, a peer might also be involved in the process.Certifications that enhance candidacy includeThis refined description highlights the essential qualifications, skills, and attributes desired in a candidate, ensuring a clear understanding of the role and expectations. Keywords: information technology Technology Risk Security Analyst---Charlotte, NC hybrid harsh.kashyap@tekinspirations.com https://jobs.nvoids.com/job_details.jsp?id=1469003 |
| harsh.kashyap@tekinspirations.com View All |
| 03:59 AM 11-Jun-24 |