Position Purpose: Design, implement and monitor IT controls for core applications and systems. Analyze IT data to assess risk and improve processes and efficiency.
- Design, monitor and evaluate controls for effectiveness and efficiency to mitigate areas of risks
- Prepare and document standard procedures and protocols.
- Assess application risks, system risks and data processes within IT and address risks with applicable general controls and recommend solutions
- Utilize qualitative analysis to assess risk and translate to quantitative ouputs
- Review and prepare scheduled risk assessment reports from both internal and external requests
- Recommend application and system level controls in adherence to best security practices
- Complete optimization reviews and prepare risk reports associated with the completion of scheduled assessments
- Identify key controls and coordinate appropriate measurement efforts for process improvement
- Lead and assist others with designing the IT environment to conform to relevant industry standards, such as ISO 27001, HIPAA, Sarbanes-Oxley, PCI-DSS and other related state requirements
- Lead and assist others with implementation of department strategy related information systems and technology architecture
- Educate and train employees in the fundamentals of Security Risk Management
- Establish new or improved methods design patterns and standards to solve moderate problems
- Provide support, direction and guidance to project team membersQualifications:
Education/Experience: Bachelor's degree in IT, MIS, Accounting, Finance, Business Administration, related field or equivalent experience. 4+ years of combined auditing and IT controls design experience. Knowledge of IT systems and processes and experience evaluating internal technical control systems required.
Licenses/Certifications: CISSP, CRISC, CISA, or CISM preferred
Job Type: Full-time
Salary: $115,000.00 /year
- combined auditing and IT controls design: 4 years
- CISSP, CRISC, CISA, or CISM