IT Auditor (Info Security/CISA/CISM/CISSP)
We're Experis. We're the professional resourcing arm of ManpowerGroup and the largest IT recruiter in Europe; placing more than 38,000 experts into IT, Finance and Engineering roles every day.We're a different kind of talent company. Few companies can match our scope, our history of success, or our enviable reputation as the global leader in professional talent and workforce solutions. That's why over 80% of the Fortune Global 500 turns to us for the professional talent that will set their business apart.We pride ourselves on our ability to make a difference to individuals, communities, and organisations. Social responsibility really is at our core; and we are committed to developing socially inclusive work environments for the long term. In fact, our commitment to sustainability has been recognised in a number prestigious organisations, including the Ethisphere Institute, who named us as being one of the World's Most Ethical Companies for seven consecutive years, and Fortune Magazine, who listed us as one of the World's Most Admired Companies for 14 years in a row.
(IT Security,IT Auditor,Compliance,Information Security, IT Security,CISSP,CISA, CISM) My client is seeking an IT Auditor/ Audit Analyst with extensive experience auditing companies to establish compliance within Information Security. You will coordinate, plan and execute Information Technology compliance audits.
- Develop and provide controls, standards, process improvement recommendations, technical guidance and awareness for information technology compliance.
- Research, interpret, develop, maintain, and apply compliance regulations and control descriptions for information technology audits such as ISO 9001 (Quality Management System), ISO 27001 (Information Security Management System), Sarbanes-Oxley (SOX), Payment Card Industry (PCI), Policy, etc.
- Execute on all aspects of information technology audit efforts including planning, preparation, audit reports, field work, and follow-up activities.
- Participate in risk mitigation sessions for new projects or processes and ensure that all significant regulatory risks are identified and accounted for appropriately.
- Evaluate remediation plans and provide consultative support as to the interpretation of regulations and their implementation.
- Maintain position as a subject matter expert in current and new information technology compliance laws and best practices.
- Respond to inquiries about the Company’s compliance status and controls.
- Support customer retention through providing applicable and appropriate attestation for Thomson Reuters information security policies and practices.
- Provide information security risk management representation on customer calls regarding attestation of Thomson Reuters information security policies and practices.
- Perform a business impact analysis and operate as a key contributor to the Vendor Risk Management process
- Ideally some Industry-related certifications such as CISA, CISSP, CISM and ITIL
- Familiarity with audit and standards processes including ISO, PCI, Sarbanes-Oxley is preferable.
- Practical experience with the identification and remediation of compliance and security vulnerabilities.
- Thorough knowledge of technology platforms, products and services.
- Excellent verbal and written communication skills.
- Ability to communicate at all levels in the organisation.
- Demonstrated strong problem-solving skills and effective negotiation and influence.
- Ability to set project scope, delegate tasks and deliver quality results.
This organisation is an equal opportunity employer and value diversity at our company. The client does not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.