Security Auditor Job Description
Security Auditor Duties & Responsibilities
To write an effective security auditor job description, begin by listing detailed duties, responsibilities and expectations. We have included security auditor job description templates that you can modify and use.
Sample responsibilities for this position include:
Security Auditor Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Security Auditor
List any licenses or certifications required by the position: CISA, CISSP, CISM, CIA, ISACA, CRISC, QSA, PCI, ISO, GIAC
Education for Security Auditor
Typically a job would require a certain level of education.
Employers hiring for the security auditor job most commonly prefer that their future employee have a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Information Systems, Technical, Education, Business, Information Technology, Accounting, Information Security, Finance, Engineering.
Skills for Security Auditor
Desired skills for security auditor include:
Desired experience for security auditor includes:
Security Auditor Examples
Security Auditor Job Description
- Planning, coordination and execution of risk-based audits, reviewing the adequacy and effectiveness of internal controls within the DB Technology and supporting organizations
- Support of global and regional audit teams executing audits and with adequate familiarization also independently coordinating and leading audits
- Engaging in and maintaining constructive relations with management in covered areas and with stakeholders, effectively establishing a relationship management role
- Coordinated and constructive collaboration with Principal Audit Managers and auditors within the Global Group Audit organization
- Consolidating and documenting audit results of regional and global audits into an audit report to be reviewed by the responsible PAM
- Review, tracking and validation of open audit issues closure requests
- Comply with the Group Audit Methodology and be a natural role model and reference point for peer group
- Core objective is the identification and classification of previously unknown risks, to be communicated to the responsible management, and to support impacted areas implementing risk remediation in an advisory capacity
- Able to work in a coordinated manner with fellow Principal Auditors, both locally and globally, building contacts and relationships with clients and colleagues through effective teamwork and innovative thinking
- Have an innovative mindset and be able to develop ideas which are implemented and have a positive impact
- Experience with large and complex financial institutions or another highly-regulated industry
- Seven or more years of technology and audit experience (general technology controls, application, and pre-implementation system development reviews) within a public accounting and/or internal audit function
- Oracle Database and Security Administration
- Good working knowledge of the UNIX/Linux/Windows systems and security administration, Active Directory, QUEST Active Roles Server, Roles Based Access Controls, Privileged access management tools
- A clear understanding of differences between independent oversight, supervision and execution responsibilities
- Experience in IT audit and control concepts of pre- and post-implementation audits
Security Auditor Job Description
- Fundamental understanding of regulatory requirements for financial institutions
- Bachelor's degree in Computer Science or a related scientific degree
- CISA, CISM, CISSP, Security+, CEH or equivalent qualification preferred
- Working closely with control owners to identify solutions and close issues
- Review and analyze technical documents including
- Promote a risk-conscientious environment
- Primarily focused on Cyber Security (cyber risk, hacking, etc.), Product Security, and pre-implementation project execution
- Rotational strategy – after you have had a few years to get to know the business and the areas that align to your aspirations, we encourage and help you transition
- Work/life balance – work hard, play hard (far better balance than most Public IT Audit roles)
- Minimal travel – IT and audit functions most of the finance groups are based in Milwaukee
- Big 4 Audit or I.T
- Extensive experience in IT Security and audit
- On-site assessments
- External vulnerability assessments and reporting
- Internal vulnerability assessments and reporting
- Social Engineering Testing
Security Auditor Job Description
- The Information Technology Auditor IV shall be responsible for the timely execution of risk-based information systems audits in accordance with the annual audit plan
- As a member of the IT Controls and Assurance team, execute audits as per the annual plan
- Develop a strong working relationship with various stakeholders (both Internal and External) to help execute a successful audit program
- Add ‘value’ to the organization by advising management on ways to improve effectiveness and efficiency of controls
- Provide timely updates to management on the progress of audits and escalate any issues as appropriate
- Engage with independent auditors, certification bodies
- You give recommendations to strengthen IT environments against such breaches
- Create and maintain information system security documentation, Standard Operating Procedures (SOP), checklists, and Plans of Action and Milestones (POA&M)
- Conduct periodic and continuous monitoring of the system, procedures, and documentation to ensure compliance with the authorization package
- Conduct daily, weekly and monthly review and management of the audit collection system
- Strong preference for CISSP, CISA certifications
- Must have the ability to interact with a broad range of people at all levels across multiple divisions, in particular, personnel from Creative, Production, Post-Production and
- 3 years of experience in Information Technology Audit, Information Security and/or other relevant experience
- Experience identifying information technology risks, testing network and application security, and providing management with information and recommendations
- Working knowledge of industry information security, information technology, information systems standards
- Understanding of Identity and Access Management technologies and methodologies across multilayer and multi-technology networks, systems, applications and databases
Security Auditor Job Description
- Monitor and assist with security infractions and assist in security investigations and responses as requested
- Communicate well, both written and verbal
- Support the implementation of the Group Audit risk-based methodology including
- Strictly adheres to and enforces system security policies and follows all company standards
- Supporting the implementation of the Group Audit risk-based methodology including
- Assists with monthly, quarterly, and annual regulatory audits and follow-up as necessary to ensure completion
- Perform systems and application security access reviews
- Acts as a liaison between the client’s internal/external auditors and Dell internal teams to ensure all auditor requests are completed accurately and in a timely manner
- Lead assigned IT audit projects to achieve department guidelines and within established timetables with high quality results
- Identifies risks and controls within applications and systems that support key business processes and performs an assessment to determine audit scope
- CISA certification is mandatory
- Degree in Environmental Engineering, Management Engineering or comparable education
- Minimum of 2-year experience in social, environmental and security audit within structured companies or auditing firms
- Good knowledge of applicable Italian and European legislation and the SA8000 international standard
- Understanding of supply chain processes would be a plus
- Fluency in Italian and English (read, written, spoken)
Security Auditor Job Description
- Conducting Privacy Impact Assessments (PIAs) of all Major, Minor and GSS systems
- Obtaining security authorizations for systems by conducting security audits of the network and devices for the Federal Information Security Management Act (FISMA)
- Ensuring information systems maintain appropriate operational security posture consistent with FISMA and working in close collaboration with information system owners
- Serving as an advisor on matters involving the security of information systems, and providing security training
- Developing and ensuring compliance with security policies, standards, and procedures
- Monitoring information systems and operational environments
- Developing and updating security plans/requirements
- Managing and controlling changes to systems, and assessing security impact
- Ensuring information system owners integrate and implement security requirements into the design, development, and configuration of information systems
- Completing all work assignments on a timely basis
- Proven risk assessment and problem-solving skills
- High ethical standards and level of discretion
- Available for business trips (almost 50% of the time)
- BS degree (or equivalent) and minimum of 4 years of IT related experience
- Bachelor's degree in Environmental Engineering, Management Engineering, Humanities or Social Sciences
- At least 1-year experience in social, environmental and security audit within structured companies or auditing firms