Security Control Auditor
4 weeks ago
Summary:
The Security Control Auditor is a critical member of the chief information security officer's (CISO's) team. The role is responsible for ensuring that the security controls in place across the organization's information systems are functioning as intended to protect sensitive healthcare data and maintain compliance with applicable regulations. This role involves auditing and validating the effectiveness of security controls, identifying gaps, and working with various teams to implement improvements.
Responsibilities:
- Conduct regular audits of security controls to ensure they are implemented and function as intended across the organization's technology environments including cloud, on-premises, and hybrid systems.
- Validate the effectiveness of controls in the environment such as but not limited to multi-factor authentication (MFA), O365 conditional access policies, firewall rules, IPS rules, SIEM alerting/detection, and security platform controls.
- Develop and deliver reports on the status of security controls including compliance with organizational policies, industry standards, and regulatory requirements.
- Identify, document, and report any deviations from policy/standards, recommend corrective actions, and review security policies and control documentation to align with current practices.
- Review and recommend updates to security policies, procedures, and control documentation to ensure they reflect current security practices and regulatory requirements.
- Monitor emerging threats, vulnerabilities, and industry best practices to ensure security controls remain effective and aligned with the evolving threat landscape.
- Drive process improvements for security control validation procedures to optimize efficiency and effectiveness.
- Provide expertise on security best practices across IT infrastructure and enterprise operations to support secure business strategies.
- Perform detailed security risk assessments on IT Infrastructure as directed.
- Design and implement security control testing procedures to validate the continued effectiveness of all IS Security mandated controls. This will include White Box testing to see if implemented controls and alerting are tripped resulting in an incident/escalation from Security Team.
- Perform Risk Register Validations as directed.
- Research and assist in the piloting and evaluation of new tools, technologies, technical controls, and processes to support and enforce defined security policies.
- Develop a strong working relationship with the security team to develop and implement controls and configurations aligned with security policies and legal, regulatory, and audit requirements.
- Assist in the development and documentation of security policies, standards, and procedures.
- Perform other duties as assigned.
EDUCATION:
A bachelor's degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred.
Active Certifications Required (3 or more - CISSP, CCSP, OSCP, OSCE, CISA, CRISC, GIAC, CEH, Security+, CCNA Security, CCNP Security).
EXPERIENCE:
A minimum of ten years of IS experience with five years in a hands-on information security role.
Experience with scripting and automation to streamline processes.
Subject Matter Expert (SME) level knowledge of security tools, trends, methodologies, and best practices for securing platforms and operating systems at the server, client, and handheld level.
Motivated self-starter who has a track record of taking ownership of information security challenges and driving them to resolution.
Must be able to thrive in a fast-paced, rapidly evolving security department/environment with varying priorities while interacting with other departments that are moving at a much slower speed.
Thorough and current understanding of a wide range of threat vectors and their potential exploits against current corporate controls and platforms.
Strong knowledge of industry frameworks related to information security (e.g. ISO 27000, NIST, HIPAA Security, CIS Benchmarks, etc.).
Experienced in the use of virtualization technologies including those that utilize cloud services such as Azure/AWS.
Excellent technical knowledge of mainstream operating systems (for example, Microsoft Windows and Linux) and a wide range of security technologies such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools.
Maintain an expert knowledge of InfoSec industry trends and developments and advise on changes to the threat landscape.
Knowledge of network infrastructure including routers, switches, firewalls, and the associated network protocols and concepts.
Excellent interpersonal, verbal, and written communication and organizational skills.
Ability to communicate security guidance to a non-technical audience.
INDEPENDENT ACTION:
Functions independently within departmental policies and practices. Must be able to work independently in a manner to achieve goals, objectives, and productivity requirements.
SUPERVISORY RESPONSIBILITIES:
Employee functions independently within department policies and practices; refers specific decisions to security management where authority is outside of the defined departmental RACI Matrix or clarification of departmental policies and procedures may be required.
Brown University Health is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, ethnicity, sexual orientation, ancestry, genetics, gender identity or expression, disability, protected veteran, or marital status. Brown University Health is a VEVRAA Federal Contractor.
Location: Brown University Health Corporate Services USA:RI:Providence
Work Type: Full Time
Shift: Shift 1
Union: Non-Union
#J-18808-Ljbffr-
Senior Information Security Auditor
2 weeks ago
Providence, Rhode Island, United States Insight Global Full timeJob OverviewWe are seeking a highly skilled Senior Information Security Auditor to join our team at Insight Global. In this role, you will be responsible for defining scope, conducting risk assessments, identifying control gaps, and developing recommendations to ensure the security and compliance of our network and EDI systems.Key ResponsibilitiesDefine...
-
Senior Auditor
4 weeks ago
Fairfax, VA, United States George Mason University Full timeDepartment: Office of Audit Risk and Compliance Job Category: Administrative or Professional Faculty Job Type: Full-Time Work Schedule: Full-time (1.0 FTE, 40 hrs/wk) Location: Fairfax Telework Friendly: Hybrid Eligible Salary: Salary commensurate with education and experience Criminal Background Check: Yes Financial...
-
Financial Statement Controls Testing
4 weeks ago
Portland, OR, United States VanderHouwen Full timeFinancial Statement Controls Testing (Internal Auditor) Our industry leading client, headquartered in Portland, Oregon, seeks a reliable Financial Statement Controls Testing (Internal Auditor) to support their team! The ideal candidate is team-oriented with a passion for efficiency and accuracy. This is a remote position requiring core Pacific Time Zone...
-
Senior Auditor
4 weeks ago
McLean, VA, United States Sterling Freeman Full timeSenior Auditor - McLean, VA CPA Firm Our Senior Auditors work with Mid-Sized and Small companies in multiple industries. As a Senior Auditor with our firm, you’ll be responsible for completing client engagements while developing strong working relationships with clients built around understanding their businesses and challenges. As a Senior Auditor,...
-
Senior Auditor
4 weeks ago
Charlotte, NC, United States Sterling Freeman Full timeSenior Auditor - Charlotte, NC CPA Firm Our Senior Auditors work with Mid-Sized and Small companies in multiple industries. As a Senior Auditor with our firm, you’ll be responsible for completing client engagements while developing strong working relationships with clients built around understanding their businesses and challenges. As a Senior Auditor,...
-
Supervising Internal Auditor
4 weeks ago
Riverside, CA, United States County of Riverside Full timeThe Riverside County Auditor-Controller's Office (ACO) is looking for a highly skilled and motivated Supervising Internal Auditor to join the Compliance Unit in Riverside, CA. In this role, the selected candidate will plan, organize, and supervise the work of internal auditors and other staff engaged in conducting audits of departmental, fiscal, or...
-
Senior Auditor
4 weeks ago
Denver, CO, United States Sterling Freeman Full timeSenior Auditor – Denver, CO CPA Firm Job Passion, Innovation, Cooperation, Vision, Health. Some have even described us as the un-accountants. Words you might not expect from a CPA firm, but that's how we work and how we live, and what has made us one of the largest, most successful accounting firms in the country. With more than 75 industry and service...
-
IG Supervisory IT Auditor/Program Analyst
4 weeks ago
Washington, DC, United States Central Intelligence Agency Full timeIG Supervisory IT Auditor/Program Analyst Inspector General Supervisory Information Technology (IT) Auditors/Program Analysts supervise, plan, and review the work of a team responsible for conducting IT audits of CIA programs and activities. Full time U.S. citizenship required (dual-national U.S. citizens eligible). All positions require relocation to the...
-
Senior Auditor
4 weeks ago
Alexandria, VA, United States Sterling Freeman Full timeSenior Auditor - Alexandria, VA CPA Firm Our Senior Auditors work with Mid-Sized and Small companies in multiple industries. As a Senior Auditor with our firm, you’ll be responsible for completing client engagements while developing strong working relationships with clients built around understanding their businesses and challenges. You will manage...
-
Information Technology Auditor
1 month ago
Springfield, MA, United States MassMutual Full timeInformation Technology AuditorCorporation Audit TeamFull TimeBoston, MA or Springfield, MAThe OpportunityAs an Information Technology Auditor, you will have an opportunity to function as an information technology risk and control expert, providing advice/mentoring to audit associates and information technology/business area management while championing...
-
Senior Auditor
4 weeks ago
Atlanta, GA, United States Sterling Freeman Full timeSenior Auditor - Atlanta, GA CPA Firm Our Senior Auditors work with Mid-Sized and Small companies in multiple industries. As a Senior Auditor with our firm, you’ll be responsible for completing client engagements while developing strong working relationships with clients built around understanding their businesses and challenges. As a Senior Auditor,...
-
IT Internal Auditor
4 weeks ago
San Francisco, CA, United States Avispa Technology Full timeIT Internal Auditor 1373354 A leading video, audio, and voice technologies company is seeking an IT Internal Auditor. The successful candidate will be involved in both the internal audit projects and Sarbanes-Oxley testing efforts primarily for IT but will also engage in business process areas. The candidate has four or more years of relevant experience in...
-
Security Systems Specialist
1 month ago
Providence, Rhode Island, United States Securitas Electronic Security Full timeAt Securitas Electronic Security, we're committed to making the world a safer place. Our team of professionals works tirelessly to deliver exceptional security solutions that protect businesses and individuals alike.About the JobWe're seeking an experienced Embedded Security Installation Technician to join our dynamic team. As an integral part of our...
-
Sr. IT Auditor
1 month ago
McKinney, TX, United States Globe Life Inc. Full timeSr. IT Auditor (Hybrid) Primary Duties & Responsibilities At Globe Life, we are committed to empowering our employees with the support and opportunities they need to succeed at every stage of their career. Our thriving and dynamic community offers ample room for professional development, increased earning potential, and a secure work environment. We...
-
Senior Auditor
4 weeks ago
Stamford, CT, United States Sterling Freeman Full timeSenior Auditor – Stamford, CT CPA Firm This is a high-energy, positive environment. We highly value delivering superior service to our clients, a high-growth atmosphere to our team members, and a positive contribution to our community. Our clients are dynamic and ensure you a continuously satisfying variety of engagements including International. When you...
-
Senior Auditor
4 weeks ago
Boston, MA, United States Sterling Freeman Full timeBoston, MA, CPA Firm This is where challenge and professional growth meet. Smart, genuinely friendly, creative and inspiring team members. Our diverse client groups include Emerging Companies, Investors, Professionals, full Wealth Advisory Services and more. In addition to competitive salary, profit sharing, numerous social events and generous vacation time,...
-
Senior Auditor
4 weeks ago
San Jose, CA, United States Sterling Freeman Full timeSenior Auditor – San Jose CPA Firm Job We offer leading edge, high-touch tax advisory service to U.S. and International clients: corporate, tech, ultra and high net worth. A high-growth, but also well-managed environment where professional advancement is based on capability. Our culture is primed for career acceleration. We take pride in our energetic,...
-
Experienced Auditor
4 weeks ago
Miami, FL, United States Lennar USA Full timeExperienced Auditor in Miami, FL at Lennar It's fun to work in a company where people truly BELIEVE in what they are doing! We're committed to bringing passion and customer focus to the business. The Experienced Auditor will be responsible for evaluating financial and operational risks, and developing audit test plans and procedures to address those risks...
-
Senior Auditor
4 weeks ago
Honolulu, HI, United States Sterling Freeman Full timeMore than just tax accountants, we serve as trusted advisors for our sophisticated clientele. At this firm, you work directly with Partners and clients. Our office and technology are best in class. Our Partners, Managers, and Staff are among the most sought after in Southern California because of their expertise, integrity, and client recommendations....
-
Senior Auditor
4 weeks ago
Houston, TX, United States Westlake Chemical Corporation Full timeSUMMARY The Senior Auditor participates in and frequently serves as the team leader for a variety of projects which include internal audit reviews, vendor audits, process reviews, internal investigations, Sarbanes-Oxley controls testing and other projects. The Senior Auditor is responsible for evaluating the design of controls and testing the operating...
