Audit Manager - Information Security & Risk Management
Job Overview:
This is a senior leadership role within our organization's Information Security and Risk Management function, responsible for leading internal and external audits, risk management initiatives, and ensuring compliance with industry frameworks and standards.
Key Responsibilities:
* Develop and execute comprehensive audit plans to identify and mitigate information security risks.
* Oversee the audit process, review findings, and provide actionable recommendations for improvement.
* Collaborate with cross-functional teams to drive remediation efforts, evidence collection, and compliance-by-design initiatives.
* Support policy development, procedure implementation, and reporting to executive stakeholders.
Requirements:
* Proven track record in IT audit, information security, and risk management.
* Strong knowledge of frameworks such as ISO 27001, NIST 800-53, SOC 2, COSO, or HITRUST.
* Experience with regulatory requirements (e.g. GDPR).
* Proficiency in GRC tools and control testing.
* Strong analytical, organizational, and communication skills.
* Relevant certifications (CISA, CISM, CRISC, CISSP) highly desirable.
Benefits:
Opportunity to work with a talented team, contribute to the development of our information security program, and grow professionally in a dynamic environment.
Skill Requirements: Security, Risk Management, Audit