Assess, validate, document and support the implementation of internal controls as part of on-going compliance efforts (Internal/External/Regional/Security Audit.)
Identify and report control nonconformities that affect strategic compliance objectives and make recommendations to stakeholders, aimed to reduce the likelihood of system failure.
Assist the compliance team with reviewing and tracking outstanding information security findings and remediations, especially as they relate to policy, procedures and risk gaps.
Participate in driving education and awareness of Information security-related risks to Business, Users, IT Teams and reviewing the Information Security Controls implemented in the organization.
Participate in making recommendations to ensure effective and consistent control implementations and testing procedures to achieve Continuous Monitoring and Continuous Audit capabilities.
Lead and conduct Information Security Unified Control Reviews to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures.
Qualifications:
Bachelor's degree in IT, Computer Science, or related field
Minimum of 5 years experience in Information Security Audit
Experience in Data Information Security
Experience in automated processes using Microsoft applications, including Excel, Power Automate, and PowerShell.
Excellent communication skills
Ability to work independently and in a team
Relevant certifications (e.g., CISA, CISSP) are a plus
