Cloud Security and Compliance Auditor/Specialist
Click the Facebook, Google+ or LinkedIn icons to share this job with your friends or contacts. Click the Twitter icon to tweet this job to your followers. Click the link button to view the URL of the job, which then can be copied and pasted into an e-mail or other document.
Chicago, IL 60664
Join IBM Cloud and help transform IBM Cloud services around the world. We are looking for an experienced Internal Cloud Security and Compliance Auditor/Specialist to conduct high quality, professional day-to-day execution of internal audit engagements and projects within established timelines and budgets. Assist in annual risk assessment activities, as appropriate, including leading interviews and/or survey processes. Conduct audit entrance and exit conferences and lead as appropriate for work assigned.
+ The Cloud Security and Compliance Auditor/Specialist performs internal Security and Compliance audit in accordance with IBM’s Cloud methodology, requirements and The Institute of Internal Auditors’ (“IIA”) International Standards for the Professional Practice of Internal Auditing. The Cloud Security and Compliance Auditor/Specialist will focuses on security and compliance assessments/audit that involve cyber/data security, computer operations, and IT compliance.
+ The Cloud Security and Compliance Auditor/Specialist effectively executes a wide range of Internal assessment and Audit activities in a high quality and timely manner. In their role, they perform activities that include planning and developing work programs, identifying recommendations for continuous improvement in global processes and controls, communicating results, and following up on issues reported. They are also responsible for Internal assessment, audit and awareness and strategy development, organization risk assessment/planning, and completion of special requests for IBM’s Cloud Management and the CSO of VPC Genesis Cloud.
The following key responsibilities will apply:
+ Participates in the detailed execution and communication of the risk-based work plan, including IBM’s Cloud Management and Audit special project requests.
+ Verifies the adequacy of information technology (IT) operating procedures of the IBM’s Cloud service through a systemic program of audits.
+ Assists in development of the IBM’s Cloud internal annual audit plan and schedule.
+ Completes Security and compliance/audit work, including internal audit work plan, work papers, findings, and associated reports.
+ Prepare security and compliance finding and audit reports, work papers to ensure adequate documentation exists to support the completed audit and conclusions.
+ Conducts IT integrated audits with operational, compliance, financial, and investigative audit teams, as assigned.
+ Identifies, recommends, and reports improvement opportunities for IBM’s Cloud global processes and controls.
+ As appropriate, identifies opportunities for continuous improvement of technology, security, financial, and other processes and evaluation of organization-driven risk.
+ Manages security and compliance relationship, including facilitating meetings, discussions of findings, and presenting draft and final reports in a professional manner.
+ Prepares well-written and timely audit reports and high quality presentations for leadership and board level reporting.
+ Develops security and compliance skills and establishes/maintains relationships related to the risk areas assigned.
+ Keeps abreast of company policies and procedures, current developments in technology and auditing professions, and changes in local, state, and federal laws.
This role description reflects Management’s assignment of essential functions. It does not prescribe or restrict responsibilities that may be assigned.
+ Excellent verbal and written communication skills; interpersonal and presentation skills
+ Ability to train, develop, and motivate team members
+ Demonstrated leadership in professional setting; either military or civilian
+ Ability to successfully interface with security and cloud developers team (internal and external)
+ Ability to document and explain findings in a concise, understandable manner
Preferred Locations : Austin, TX or Littleton, MA
Required Technical and Professional Expertise
+ Bachelor’s Degree (Undergraduate degree in Computer Science, Information Systems, Business Administration, Accounting, or Finance)
+ Minimum of 4 years’ experience in information technology auditing, combined audit/IT audit, or relevant information security or information technology roles.
Preferred Tech and Prof Experience
+ CPA, CIA, CISA, CRISK or CISSP certification
+ Big 4 experiences
+ Experience working in a global security and compliance function
+ Cyber security experience
+ Strong working knowledge of operational, compliance and IT auditing techniques
+ Broad IT knowledge in Cloud infrastructure technologies, application development and support, and emerging technologies.
+ Experience with Windows and UNIX operating systems.
+ Knowledge of and audit experience with cloud services.
+ ISO2700X, SOC, NISTSP800-53 v4 and Sarbanes-Oxley project experience, familiarity with COSO/COBIT framework
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.