Friday, March 23, 2007

Senior IT Security Auditor in Brooklyn, NY

Friday, March 23, 2007
Lead the development of a security internal audit activity to ensure the proper management of risk and compliance with security policies. Provide subject matter expertise in IT security auditing. Develop and document security audit strategy, policies, and processes. Develop audit checklists and train IT organization on their use. Participate in, and in some cases lead risk assessment exercises and workshops with both functional and technical teams. Conduct initial audits of key infrastructure and application systems. Assist in the development of remediation plans based on audit results. Ensure that audit requirements are integrated into overall security policies and operational plans. Work with risk and vulnerability management functions to ensure that monitoring and scanning is appropriately prioritized. Train security personnel in the conducting of security audits. Serve as liaison to non-IT internal audit activities throughout the organization. Experience: Experience leading IT security audits for large organizations (at least 20,000 employees). . Experience conducting and documenting risk assessments, particularly surrounding large-scale applications, preferably on data warehouse and portal projects. Experience developing and implementing audit plans, processes, and checklists. General knowledge of internal auditing practices and experience working with non-IT audit activities. Experience with data loss prevention (DLP) technology strongly preferred. Broad and deep knowledge of infrastructure, application, and data security Knowledge of Federal, State, and Local information security and privacy regulations. Very strong written and verbal communications skills and an ability to communicate technical information to non-technical audiences. Experience working for a major security audit/consulting firm (Big 4, IBM, Symantec, etc.) Advanced auditing certification (CISA, CIA) To Apply to this job go to http://www.GadBall.com or click here