IT Risk/3rd Party Audit Analyst
Posted on Oct 8, 2020 by MCG - Midwest Consulting Group
The IT Risk Auditor will help grow the Firm s IT risk, audit and compliance function. This function is part of the IT Risk and Audit group which is responsible for all aspects of risk, audit and compliance including: internal and external risk assessments and audits, client security and privacy requests, third party risk, and privacy and security compliance and training.
Job Duties and Responsibilities:
- Conduct IT risk assessments including planning, testwork and reporting.
- Perform third party risk management reviews and audits.
- Contributor of critical programs such as asset management and data governance.
- Perform reliance testing for SOC compliance and reporting.
- Assist with remediation tracking and reporting.
- Perform control audits for ISO 27001.
- Assist in IT policy management.
- Utilize GRC software for performance of tasks.
- Perform testing of IT governance controls.
- Perform software licensing audits.
Qualifications and Requirements:
- Bachelor s degree in computer science, information technology or related field or working towards degree.
- 1+ years experience as an IT auditor or risk professional.
- Familiarity or experience with SOC 1, HIPAA, ISO 27001, GDPR, NYDFS Cybersecurity Regulation, etc.
- Strong verbal and written communication skills.
- Ability to work with all levels within the Firm and external consultants and auditors.
- Ability to work minimal guidance.
- Ability to work on multiple projects at once.
- Experience using GRC software preferred.