IT and Security Auditor

1 month ago


Plano, United States Global Payments Full time

Every day, Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit, debit, prepaid and merchant services. Our worldwide team helps over 3 million companies, more than 1,300 financial institutions and over 600 million cardholders grow with confidence and achieve amazing results. We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions. Join our dynamic team and make your mark on the payments technology landscape of tomorrow.

Purpose:

This position provides an opportunity for a motivated technology and information security audit professional to make a strong contribution to Global Payments' growing Internal Audit team, and more specifically, within Internal Audit's advanced technology risk audit team.

As a Fortune 500 payments technology company, Global Payment's management recognizes the importance of managing and responding to risk. Internal Audit is an integral and valued component to Global Payments' risk management environment and works closely with management to deliver value-added and challenging audit projects in the area of information technology, information security, business operations, finance & accounting, and compliance using progressive audit procedures. Our philosophy is to evaluate complex business processes utilizing a risk-based approach, and to provide the greatest value to our internal clients. We strive to apply tailored and progressive audit procedures and to avoid standard check the box auditing. The department is consistently recognized for its contributions to organizational improvements due to its diverse, energetic and collaborative approach when working with management.

This role will deliver a diverse array of information technology and information security audits that include in-depth analysis and understanding of supporting business processes. This position will have the opportunity to evaluate numerous technology platforms and apply process, technology and security risk considerations. Specifically, the role will have the opportunity to evaluate technology risks and controls within major cloud technology provider environments (e.g, Amazon AWS, Google GCP, and Microsoft Azure) as the company continues cloud technology strategic initiatives. The candidate should have experience with a wide array of technology processes, such as infrastructure design and management, information security operations, service management, software development lifecycle, disaster recovery planning, etc. This position provides the opportunity for future career advancement as well as exposure to senior leadership and organizational divisions across the globe.

The Internal Audit team focuses heavily on risk-based audits that help management identify and reduce organizational risk. These projects vary each year and provide a high degree of challenge and diversity. The team also performs internal advisory projects and supports compliance audit responsibilities.

Familiarity with the payment processing industry and common technology control frameworks, including COBIT, NIST Cybersecurity, ISO 27000 series, PCI-DSS, and FFIEC IT Handbook is also preferred.

Expected Responsibilities:

  • Support controls testing for risk-based audits and support project team with all aspects of the audit lifecycle, including risk assessment, planning, client coordination, fieldwork, data analysis, workpaper documentation, reporting, and remediation validation, with direction from senior team members.
  • Willingness to learn and grow technical knowledge through team collaboration. Projects will include a strong focus on information technology and information security controls in executing integrated, risk-based audits to evaluate the design and effectiveness of internal controls. The auditor will also focus on the integration of IT and business process risk considerations within the audit process.
  • Familiarity and understanding of technology control application in on-premise environments vs. increased automation of controls within cloud service provider (CSP) environments.
  • Understanding of IT managed processes, including technology architecture, system build and provisioning, configuration management, performance monitoring, incident management, change management, user access management, disaster recovery, etc.
  • Evaluate key information security risks including confidentiality, integrity and availability of technology components through review of security operational processes, such as vulnerability management, penetration testing, security logging and monitoring, security incident response, and defense in depth strategies.
  • Evaluate root cause factors for audit testing exceptions and recommend practical solutions that reduce risk and strengthen business processes and controls.
  • Ensure audit testing work papers are documented in a consistent and high-quality manner while executing project tasks in adherence to established timelines.
  • Build and develop Internal Audit's brand within the company through meaningful relationship building.
  • Enable continuous improvement of the Internal Audit department by identifying and communicating enhancement opportunities to department leadership.
  • Support the development of other team members within the Internal Audit department.
Knowledge, Skills & Responsibilities
  • Audit and/or consulting experience in the following:
  • Information and data security for payment card data and publicly-identifiable information
  • Technology control application within cloud environments and usage of automated processes and cloud architectures such as CI/CD deployment pipelines, infrastructure-as-code, containerization, etc.
  • Application security, including segregation of duties and least privileged access
  • Technology infrastructure security, including mainframe, UNIX/LINUX, Windows, SQL Server and Oracle database
  • Systems development, project management and change management
  • IT infrastructure design, management and operations
  • Business continuity and technology resiliency including high availability and disaster recovery architecture
  • Integration of business process controls with supporting technologies. Business process workflow documentation, including identification of key risks and the corresponding business and technology controls
  • Ability to work in a complex and evolving environment.
  • Demonstrate strong project management and execution skills, including: prioritizing tasks, balancing workload, anticipating next steps, and adapting to change.
  • Tailor project approaches based on areas of key risks. Critically evaluate audit procedures to maximize the value of each audit project.
  • Strong communication and presentation skills with an ability to tailor communications to different audiences.
  • Pursue work with enthusiasm, energy, drive and team collaboration.
  • Establish and build effective relationships.
  • Collaborate with management and senior leadership to improve internal controls and processes.
  • Demonstrates ability to consider all team member's input prior to decision making.
  • Proactively communicate issues with colleagues and obtain agreement on audit findings and practical recommendations with control owners prior to presentation to management.
Required Qualifications:
  • 1+ years of relevant audit and/or risk management experience.
  • Knowledge of auditing principles and practices, and the analysis and reporting of audit information.
  • Bachelor's degree in Auditing, Business Management or Information Technology.
  • Merchant Acquiring / Payment Processing, Card Issuance, and Private-label Consumer Solutions industry experience preferred.
  • Familiarity with internal control frameworks, including COBIT, FFIEC, PCI DSS, Sarbanes-Oxley, ISO27001, and ITIL
  • Open to 10-15% travel requirement, including some potential international travel
  • Merchant Acquiring / Payment Processing, Card Issuance, and Private-label Consumer Solutions industry experience preferred.
  • CIA, CISA, CISM, CISSP or other relevant certifications are preferred
  • Big Four audit or risk advisory experience preferred
    Purpose:

    This position provides an opportunity for a motivated technology and information security audit professional to make a strong contribution to Global Payments' growing Internal Audit team, and more specifically, within Internal Audit's advanced technology risk audit team.

    As a Fortune 500 payments technology company, Global Payment's management recognizes the importance of managing and responding to risk. Internal Audit is an integral and valued component to Global Payments' risk management environment and works closely with management to deliver value-added and challenging audit projects in the area of information technology, information security, business operations, finance & accounting, and compliance using progressive audit procedures. Our philosophy is to evaluate complex business processes utilizing a risk-based approach, and to provide the greatest value to our internal clients. We strive to apply tailored and progressive audit procedures and to avoid standard check the box auditing. The department is consistently recognized for its contributions to organizational improvements due to its diverse, energetic and collaborative approach when working with management.

    This role will deliver a diverse array of information technology and information security audits that include in-depth analysis and understanding of supporting business processes. This position will have the opportunity to evaluate numerous technology platforms and apply process, technology and security risk considerations. Specifically, the role will have the opportunity to evaluate technology risks and controls within major cloud technology provider environments (e.g, Amazon AWS, Google GCP, and Microsoft Azure) as the company continues cloud technology strategic initiatives. The candidate should have experience with a wide array of technology processes, such as infrastructure design and management, information security operations, service management, software development lifecycle, disaster recovery planning, etc. This position provides the opportunity for future career advancement as well as exposure to senior leadership and organizational divisions across the globe.

    The Internal Audit team focuses heavily on risk-based audits that help management identify and reduce organizational risk. These projects vary each year and provide a high degree of challenge and diversity. The team also performs internal advisory projects and supports compliance audit responsibilities.

    Familiarity with the payment processing industry and common technology control frameworks, including COBIT, NIST Cybersecurity, ISO 27000 series, PCI-DSS, and FFIEC IT Handbook is also preferred.

    Expected Responsibilities:
  • Support controls testing for risk-based audits and support project team with all aspects of the audit lifecycle, including risk assessment, planning, client coordination, fieldwork, data analysis, workpaper documentation, reporting, and remediation validation, with direction from senior team members.
  • Willingness to learn and grow technical knowledge through team collaboration. Projects will include a strong focus on information technology and information security controls in executing integrated, risk-based audits to evaluate the design and effectiveness of internal controls. The auditor will also focus on the integration of IT and business process risk considerations within the audit process.
  • Familiarity and understanding of technology control application in on-premise environments vs. increased automation of controls within cloud service provider (CSP) environments.
  • Understanding of IT managed processes, including technology architecture, system build and provisioning, configuration management, performance monitoring, incident management, change management, user access management, disaster recovery, etc.
  • Evaluate key information security risks including confidentiality, integrity and availability of technology components through review of security operational processes, such as vulnerability management, penetration testing, security logging and monitoring, security incident response, and defense in depth strategies.
  • Evaluate root cause factors for audit testing exceptions and recommend practical solutions that reduce risk and strengthen business processes and controls.
  • Ensure audit testing work papers are documented in a consistent and high-quality manner while executing project tasks in adherence to established timelines.
  • Build and develop Internal Audit's brand within the company through meaningful relationship building.
  • Enable continuous improvement of the Internal Audit department by identifying and communicating enhancement opportunities to department leadership.
  • Support the development of other team members within the Internal Audit department.
  • Knowledge, Skills & Responsibilities

  • Audit and/or consulting experience in the following:
  • Information and data security for payment card data and publicly-identifiable information
  • Technology control application within cloud environments and usage of automated processes and cloud architectures such as CI/CD deployment pipelines, infrastructure-as-code, containerization, etc.
  • Application security, including segregation of duties and least privileged access
  • Technology infrastructure security, including mainframe, UNIX/LINUX, Windows, SQL Server and Oracle database
  • Systems development, project management and change management
  • IT infrastructure design, management and operations
  • Business continuity and technology resiliency including high availability and disaster recovery architecture
  • Integration of business process controls with supporting technologies. Business process workflow documentation, including identification of key risks and the corresponding business and technology controls
  • Ability to work in a complex and evolving environment.
  • Demonstrate strong project management and execution skills, including: prioritizing tasks, balancing workload, anticipating next steps, and adapting to change.
  • Tailor project approaches based on areas of key risks. Critically evaluate audit procedures to maximize the value of each audit project.
  • Strong communication and presentation skills with an ability to tailor communications to different audiences.
  • Pursue work with enthusiasm, energy, drive and team collaboration.
  • Establish and build effective relationships.
  • Collaborate with management and senior leadership to improve internal controls and processes.
  • Demonstrates ability to consider all team member's input prior to decision making.
  • Proactively communicate issues with colleagues and obtain agreement on audit findings and practical recommendations with control owners prior to presentation to management.
  • Required Qualifications:

  • 1+ years of relevant audit and/or risk management experience.
  • Knowledge of auditing principles and practices, and the analysis and reporting of audit information.
  • Bachelor's degree in Auditing, Business Management or Information Technology.
  • Merchant Acquiring / Payment Processing, Card Issuance, and Private-label Consumer Solutions industry experience preferred.
  • Familiarity with internal control frameworks, including COBIT, FFIEC, PCI DSS, Sarbanes-Oxley, ISO27001, and ITIL
  • Open to 10-15% travel requirement, including some potential international travel
  • Merchant Acquiring / Payment Processing, Card Issuance, and Private-label Consumer Solutions industry experience preferred.
  • CIA, CISA, CISM, CISSP or other relevant certifications are preferred
  • Big Four audit or risk advisory experience preferred
Summary of This Role

Conducts operational, compliance, and financial audit and advisory engagements of domestic and/or international operations and providing sound project management. leads the planning and execution, reporting and follow-up of audit engagements. Develops, monitors and assists in executing the testing strategy for audit engagements. .

What Part Will You Play?
  • Applies an understanding of process and system flows, business objectives, risks and control activities by performing routine tasks, such as obtaining, analyzing and evaluating data, during the execution of compliance, financial, and operational audits while adhering to internal audit methodologies to specific engagement objectives. Assists more experienced auditors with discovery activities to gain a working knowledge of the audit program.
  • Assists more experienced auditors by compiling data for audit reports, maintaining work paper documentation, documenting process and preparing audit findings throughout the audit project lifecycle.
  • Develops knowledge of applicable laws, regulations, and company policies by researching online and internal resources while assisting more experienced auditors.
What Are We Looking For in This Role?

Minimum Qualifications
  • Bachelor's Degree
  • Relevant Experience or Degree in: Accounting, Operations, IT or related degree or equivalent training or experience in lieu of degree
  • Typically Minimum 2 Years Relevant Exp
  • Related work experience
Preferred Qualifications
  • Typically Minimum 4 Years Relevant Exp
  • Accounting, Operations, IT or related professional auditing experience. Experience in a recognized process improvement discipline (Six Sigma, Lean ISO, etc.)
  • Professional Certification (CIA, CPE, CFE, CISA, etc.)
What Are Our Desired Skills and Capabilities?
  • Skills / Knowledge - Developing professional expertise, applies company policies and procedures to resolve a variety of issues.
  • Job Complexity - Works on problems of moderate scope where analysis of situations or data requires a review of a variety of factors. Exercises judgment within defined procedures and practices to determine appropriate action. Builds productive internal/external working relationships.
  • Supervision - Normally receives general instructions on routine work, detailed instructions on new projects or assignments.
  • Industry knowledge - Knowledge of the financial industry
  • Audit knowledge - Experience with industry audit standards
  • Project Management - Ability to organize and manage multiple projects and resources simultaneously

Global Payments Inc. is an equal opportunity employer.

Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other basis protected by law. Those applicants requiring reasonable accommodation to the application and/or interview process should notify a representative of the Human Resources Department.

  • Plano, Texas, United States Global Payments Full time

    About the RoleThis position provides an opportunity for a motivated technology and information security risk professional to make a strong contribution to Global Payments' growing Internal Audit team, and more specifically, within Internal Audit's advanced technology risk audit team.The ideal candidate will have a strong background in auditing principles and...


  • Plano, Texas, United States Communications and Power Industries LLC Full time

    Job OverviewDriving Innovation in Security ManagementWith a legacy of over seventy years, Communications & Power Industries has significantly influenced daily life through its advanced electronic solutions. Our products are essential to modern commercial and military communication frameworks, contribute to healthcare advancements, support defense personnel,...

  • Night Auditor

    3 months ago


    Plano, United States Marriott International Inc Full time

    Job DescriptionPOSITION SUMMARY Check figures, postings, and documents for accuracy. Record, store, access, and/or analyze computerized financial information. Control and secure cash and cash equivalents for property according to cash handling policy and procedures. Organize, secure, and maintain all files and records in accordance with document retention...

  • Security Manager

    4 weeks ago


    Plano, United States Communications and Power Industries LLC Full time

    Job DescriptionJob DescriptionShaping the future through innovation and discovery! With a history spanning more than seven decades, Communications & Power Industries’ thousands of products have impacted people’s lives in numerous unseen ways every day. Our highly engineered products serve as the backbone of modern-day commercial and military...

  • Golang Developer

    4 weeks ago


    Plano, United States TekValue IT Solutions Full time

    Golang DeveloperOnsite - Plano, TX.Long TermRequired Skills:Strong communication skills, specifically giving/receiving constructive feedback in a collaborative settingMinimum of 4 years of programming experience (i.e., C, C++, C#, Rust, Python, Golang)MUST BE STRONG IN CODING: GOLAND, GO & PYTHONGood understanding of api design and security...

  • Golang Developer

    4 weeks ago


    Plano, United States TekValue IT Solutions Full time

    Golang DeveloperOnsite - Plano, TX.Long TermRequired Skills:Strong communication skills, specifically giving/receiving constructive feedback in a collaborative settingMinimum of 4 years of programming experience (i.e., C, C++, C#, Rust, Python, Golang)MUST BE STRONG IN CODING: GOLAND, GO & PYTHONGood understanding of api design and security...

  • DB2 DBA

    3 weeks ago


    Plano, United States SAGE IT Full time

    Role: DB2 DBALocation: Plano TX- (5 Days onsite & 24x7 Rotational) Shift:- Rotational (Shift 1 (8 AM – 5 PM), Shift 2 (4 PM – 1 AM), Shift 3 (12 AM – 9 AM))Job Description:Skills Needed – DB2, Production Support, DB Joins, LUWOffer DBA DB2 support for application development team.Ensure integrity, availability and performance of DB2 database systems...

  • DB2 DBA

    4 weeks ago


    Plano, United States SAGE IT Full time

    Role: DB2 DBALocation: Plano TX- (5 Days onsite & 24x7 Rotational) Shift:- Rotational (Shift 1 (8 AM – 5 PM), Shift 2 (4 PM – 1 AM), Shift 3 (12 AM – 9 AM))Job Description:Skills Needed – DB2, Production Support, DB Joins, LUWOffer DBA DB2 support for application development team.Ensure integrity, availability and performance of DB2 database systems...


  • Plano, Texas, United States Toyota Full time

    Join Toyota and Elevate Your Career!At Toyota, we recognize the importance of our skilled workforce and are committed to fostering professional growth within our team. We encourage our associates to explore opportunities for advancement within the organization.Our success is driven by our people.Please note that Toyota does not provide sponsorship for...


  • Plano, Texas, United States TekValue IT Solutions Full time

    Position: Golang DeveloperLocation: Onsite - Plano, TXContract Duration: Long TermKey Qualifications:Exceptional communication abilities, particularly in providing and receiving constructive feedback within a team environment.A minimum of 4 years of programming experience in languages such as C, C++, C#, Rust, Python, and Golang.Proficient in coding with a...


  • Plano, Texas, United States TekValue IT Solutions Full time

    Position: Golang DeveloperLocation: OnsiteContract Duration: Long TermKey Qualifications:Exceptional communication abilities, particularly in providing and receiving constructive feedback within a team-oriented environment.A minimum of 4 years of software development experience in languages such as C, C++, C#, Rust, Python, and Golang.Proficient in coding...


  • Plano, United States Capital One Full time

    Center 1 (19052), United States of America, McLean, VirginiaSr. Manager Cyber Technical, Technology AuditCapital One's Audit function is a dedicated group of professionals focused on delivering top-quality assurance services to the organization's Audit Committee. Audit professionals are experienced, well-trained and credentialed, and operate within a...


  • Plano, United States Smartwork IT Services Full time

    Job DescriptionJob DescriptionJob Title : DB2 Database AdministratorLocation: Plano TX Job Type : ContractJob Description:Skills Needed DB2, Production Support, DB Joins, LUWOffer DBA DB2 support for application development team.Ensure integrity, availability and performance of DB2 database systems by providing technical support and maintenance.Monitor...


  • Plano, Texas, United States Toyota Full time

    OverviewWho we areCollaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world's most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We're looking for diverse,...

  • Sybase DBA

    2 weeks ago


    Plano, United States Smartwork IT Services Full time

    Job DescriptionJob DescriptionJob Title : Sybase DBALocation : Plano TXJob Type : Contract Job Description :The Level L1/2 Sybase Administrator is a senior-level position responsible for the design, implementation, and management of databases. This role involves overseeing the database infrastructure, ensuring high availability, performance, and security....

  • Manager, Cyber Risk

    2 weeks ago


    Plano, United States Capital One Full time

    Center 1 (19052), United States of America, McLean, VirginiaManager, Cyber Risk & Analysis - Technology Audit (Hybrid)Capital One's Audit function is a dedicated group of professionals focused on delivering top-quality assurance services to the organization's Audit Committee. Audit professionals are experienced, well-trained and credentialed, and operate...


  • Plano, Texas, United States eTek IT Services, Inc. Full time

    Position OverviewThe Senior Python Software Engineer will be instrumental in enhancing our software development initiatives, focusing on delivering robust and efficient software solutions. This role involves utilizing Python and associated technologies to ensure our applications are both reliable and scalable.Key ResponsibilitiesEngage with multidisciplinary...

  • Python Developer

    3 months ago


    Plano, United States eTek IT Services, Inc. Full time

    Job DescriptionJob DescriptionPython DeveloperLocation: Plano Tx (Only Locals)Overview:The Python Developer will play a crucial role in our organization, contributing to the development and maintenance of high-quality software solutions. They will be responsible for implementing and testing software solutions using Python and related technologies, ensuring...


  • Plano, Texas, United States RNR IT Solutions Inc Full time

    Senior Java Microservices EngineerRNR IT Solutions Inc is seeking a talented Senior Java Microservices Engineer with a strong background in Java development. The ideal candidate will possess extensive experience in crafting microservices using Spring and AWS technologies.Key Responsibilities:Demonstrate expertise in Spring frameworks, including Spring Boot,...


  • Plano, United States RNR IT Solutions Inc Full time

    Job DescriptionJob DescriptionThe candidate needs to have prior hands on knowledge in developing microservices using Spring and AWS· Strong experience with Spring and Spring Boot, Spring MVC, Spring Data, Spring Security· Experience building REST and SOAP web services using Java· Experience with Web Services(JSON, REST, JAX-RS, Spring based REST...