Security Audit Analyst

About Client:

The Client is a leading global IT services and consulting company, providing a wide range of services to clients in various industries, including banking, financial services, retail, manufacturing, healthcare, and more. It is one of the largest employers in the IT industry and has a vast and diverse workforce. The company places a strong emphasis on employee training and development. Client is known for its commitment to innovation and invests in research and development to stay at the forefront of technological advancements.

It offers a comprehensive set of services, including:

IT Services: Application development, maintenance, and testing.

Consulting: Business consulting, IT strategy, and digital transformation.

Business Process Outsourcing (BPO): Outsourcing of business processes to improve efficiency.

Enterprise Solutions: Implementation and support of enterprise-level software solutions. Digital Services: Services related to digital technologies, such as analytics, cloud, and IoT.

Salary Range: $110K-$120K/Annum

Job Description:

• CISA strongly preferred with 3-5 years of audit and compliance experience.
• Excellent analytical skills, attention to detail, and a high level of initiative
• Knowledge of Audit framework like RCSA Framework, Security Trust framework and tools, and process improvement models
• Leading specific audits of SOX, SOC-I, SOC-II, PCI-DSS and NYDFS, operational and regulatory audits, including planning individual audits, performing tests and reporting.
• Supervising or reviewing tests prepared by analysts
• Full scope responsibility for delivery of a complete control test for SOX, SOC-I, SOC-II,
• Assisting in tracking the remediation of gaps
  
  

Roles & Responsibilities:

• Coordinate with application team to perform internal audit procedures for the organization, including IT SOX, SOC1, SOC2, PCI-DSS, NYDFS, Insurance Security Data Act.
• Ability to perform testing of IT controls for compliance audits like SOX, SOC1, SOC2, PCI-DSS etc.
• Knowledge of RCSA Framework and Security Trust Framework
• Responsible for governance and reporting for general IT controls and automated application controls, which include regulatory compliance listed above.
• Lead IT audit and compliance internal audits and test IT controls and evidence collection
• Provide compliance support in design, implementation, and continual operation of general IT controls. Continuous Monitoring of Controls
• Monitor and evaluate changes in industry law, regulations and compliance requirements and adjust scope as necessary.
• Recommend remediation projects to resolve compliance gaps and improve operations to be compliance.
• Provide project management support to all IT audits and Control Test Automation projects, including documentation tracking and providing, and status management and reporting to internal management.
• Design and implement compliance testing and documentation across all process domains
• Review audit results with appropriate management personnel and provide recommendations for remediation.
• Write reports and develop presentations to communicate audit findings, control gaps and remediation efforts to management.
• Oversee and facilitate remediation efforts with management personnel.
  
  

About ApTask:

ApTask is a leading global provider of workforce solutions and talent acquisition services, dedicated to shaping the future of work. As an African American-owned and Veteran-certified company, ApTask offers a comprehensive suite of services, including staffing and recruitment solutions, managed services, IT consulting, and project management. With a focus on excellence, collaboration, and innovation, ApTask provides unparalleled opportunities for professional growth and development. As a member of the ApTask team, you will have the chance to connect businesses with top-tier professionals, optimize workforce performance, and drive success across diverse industries. Join us at ApTask and be part of our mission to empower organizations to thrive while fostering a diverse and inclusive work environment.

Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.

Candidate Data Collection Disclaimer:

At ApTask, we prioritize safeguarding your privacy. As part of our recruitment process, certain Personally Identifiable Information (PII) may be requested by our clients for verification and application purposes. Rest assured, we strictly adhere to confidentiality standards and comply with all relevant data protection laws. Please note that we only collect the necessary information as specified by each client and do not request sensitive details during the initial stages of recruitment.

If you have any concerns or queries about your personal information, please feel free to contact our compliance team at businessexcellence@aptask.com