Senior IT Security Auditor

If digital transformation, next-generation technology, and growth opportunities excite you, then join our Netcracker Technology team!  Our culture and collaborative work environment are the keys to our success.  Here you will work with the best in class global teams, earn a competitive salary and contribute to the largest digital transformations around the world. 

What’s in it for you?
At Netcracker, we are all entrepreneurs. This means we get creative when thinking of technical solutions, we explore possibilities and innovations and get excited about new technology.  We take complete ownership of our roles and aren’t micromanaged or left feeling like just another number. The results we achieve are highly visible to our leadership team and we are recognized for our work and promoted accordingly.

Position Summary:

This is an exciting role that will support a variety of audit, compliance and security initiatives!  The individual will own the complete life cycle of internal audits, client-requested audits, and compliance reviews.  The Senior IS Auditor must have the ability to drive key relationships and collaborate with internal and external stakeholders to identify and manage operational and security risks.  This position will also be a key interface with external auditors. This role will have direct influence over ongoing transformation of Netcracker’s security posture.

Role and Responsibilities:

• Continually monitor the Netcracker IT control environment and identify key risks, related controls and gaps
• Understand and drive adherence to corporate security policies and procedures
• Maintain the RCM and track findings
• Bridge cross-functional conversations to address control enhancement and finding remediation
• Manage internal audits, external audits, and compliance reviews (e.g., SSAE 18, PCI-DSS, ISO)
• Stay abreast of regulation and compliance changes and create awareness for control owners
• Draft management attestations and representation letters
• Conduct periodic risk assessments (e.g., vendor, insider threat, SANS Top 20)
• Act as a liaison between internal and external stakeholders on IT controls and compliance areas
• Assist with privacy compliance projects (e.g., GDPR, Data Privacy Framework)
• Participate in various risk management initiatives and projects, as assigned

Required Experience:

• 2-4 years’ experience in Big 4 IT Audit experience preferred
• 3-5 years’ in Information Security, IT audit and/or IT Risk Management experience a plus
• CISM, CISSP, CIA or CISA a plus
• Working knowledge and understanding of COSO, COBIT, IIA International Professional Practices Framework (IPPF), SSAE 18, PCI-DSS, ISO 27001/27018/22301, NIST 800 standards and frameworks
• Knowledge of relevant applications and technical platforms a plus: Windows Active Directory, Linux, Oracle, JIRA, Cisco and Fortigate Firewalls, SIEM tools, Nessus reports, Cloud architecture
• Excellent project management skills with the ability to meet tight deadlines
• Strong verbal and written communication skills
• Highly developed interpersonal skills, with emphasis on collaboration, influencing and building strong long-term relationships
• Proactively seeks guidance but can also work independently
• Familiarity of GRC platforms

Education:

• Bachelor degree in Information Systems Auditing, Computer Science, or related field

#LI-KS1