• Participate in Information Technology (IT), Cyber Security, Information Security, vulnerability assessments, Social Engineering, electronic banking, and vendor management audits of financial institutions’ control environments by assisting the IT audit team with the planning, administration, and execution of audits
• Assist in providing Information Security Officer services (vISO)
• Perform testing procedures to identify areas for improvement of processes and controls and develop recommendations based on the identification of potential risks relevant to the client
• Perform internal testing of IT controls for FFIEC, SOX, and ISO Compliance in accordance with IT audit standards, guidelines and best practices
• Review and test controls in IT systems and functions to ensure the integrity and security of company information and continuity of operations
• Prepare work papers that are consistent with generally accepted auditing standards, as well as established firm standards
• Assist in the completion of vulnerability and social engineering assessments
• Assist in special projects, as required
• Communicate with client Management in an efficient and effective manner
• Oversee senior and staff auditors while performing the more complex portions of audit engagements
• Review audit field work, and audit issues identified by senior and staff auditors as assigned and provide review/coaching feedback

• Bachelor degree in Management Information Systems, Business, or Accounting with an emphasis on Technology, Computer Science, Cyber Security, or Accounting Information Systems
• 5+ years of IT Audit experience or IT experience; related experience in the financial services industry is a plus
• Maintain an applicable certification (CISA, CISSP, CEH, CIA, etc.)
• General understanding of information systems auditing, IT control framework, information security, IT general controls, application controls, and information systems terminology, concepts and practices
• Understanding of auditing standards and best practices, government guidelines and laws (e.g., FFIEC, Sarbanes-Oxley Act).
• Maintain understanding and experience reviewing / performing reviews around Windows, Microsoft 365, networking, and other technical areas.
• Must demonstrate strong communication and interpersonal skills to deal with a diverse client group
• Solid strategic and analytical thinking approach with an emphasis on risk awareness
• Ability to successfully manage multiple assignments simultaneously and oversee/manage assigned staff
• Strong verbal and written communication skills
• Capable of working with multiple clients and projects
• Ability to conceptualize, apply, analyze and/or evaluate information generated by observation, experience, reflection, reasoning, and communication
• Proficient use of Microsoft Office (Excel, Word, and PowerPoint) and Adobe Acrobat
• Experience utilizing Nessus, Kali Linux, and other security assessment tools, a plus
• Experience with IDEA Data Analysis, a plus
• Willingness to travel a must – daily regional travel and periodic overnight travel

Herbein + Company, Inc. and its subsidiary are equal opportunity employers. All applicants will be considered on the merits of their knowledge, skills, and abilities for employment without attention to race, color, religion, gender, sexual orientation, gender expression, national origin, veteran, or disability status.