Security Audit Analyst

Role : Security Audit Analyst Technical / Functional Skills :

• CISA strongly preferred with 3-5 years of audit and compliance experience.
• Excellent analytical skills, attention to detail, and a high level of initiative
• Knowledge of Audit framework like RCSA Framework, Security Trust framework and tools, and process improvement models
• Leading specific audits of SOX, SOC-I, SOC-II, PCI-DSS and NYDFS, operational and regulatory audits, including planning individual audits, performing tests and reporting.
• Supervising or reviewing tests prepared by analysts
• Full scope responsibility for delivery of a complete control test for SOX, SOC-I, SOC-II,
• Assisting in tracking the remediation of gaps Roles & Responsibilities : 1.Coordinate with application team to perform internal audit procedures for the organization, including IT SOX, SOC1, SOC2,PCI-DSS, NYDFS, Insurance Security Data Act. 2.Ability to perform testing of IT controls for compliance audits like SOX, SOC1, SOC2, PCI-DSS etc .. 3.Knowledge of RCSA Framework and Security Trust Framework 4.Responsible for governance and reporting for general IT controls and automated application controls, which include regulatory compliance listed above. 5.Lead IT audit and compliance internal audits and test IT controls and evidence collection 6.Provide compliance support in design, implementation, and continual operation of general IT controls. Continuous Monitoring of Controls 7.Monitor and evaluate changes in industry law, regulations and compliance requirements and adjust scope as necessary. 8.Recommend remediation projects to resolve compliance gaps and improve operations to be compliance. 9.Provide project management support to all IT audits and Control Test Automation projects, including documentation tracking and providing, and status management and reporting to internal management. 10.Design and implement compliance testing and documentation across all process domains 11.Review audit results with appropriate management personnel and provide recommendations for remediation. 12.Write reports and develop presentations to communicate audit findings, control gaps and remediation efforts to management. 13.Oversee and facilitate remediation efforts with management personnel.