Morgan McKinley is on the lookout for a motivated individual to join a growing team and play an integral role in organizing and managing internal and external audits.
The ideal candidate has a strong background in information security risk management programs, a deep understanding of industry best practices and frameworks, and a track record of collaborating across teams on complex projects.
Key Responsibilities:
Develop audit programs and plans, determine the scope of audit coverage, and manage internal and external audit engagements.
Oversee the audit process, make recommendations on policies, and ensure compliance obligations are met.
Coordinate and/or perform audit work, review reports and management responses, and review workpapers for proper support.
Identify factors causing deficient conditions and provide constructive, practical recommendations for audit findings.
Support iterative review of assessment results and follow up on the implementation of corrective actions.
Conduct compliance assessments and internal control testing of critical business processes and systems.
Identify and manage the implementation of new compliance requirements introduced by changes to regulations and frameworks like ISO 27001, SOC 2, NIST 800-53, and GDPR.
Contribute to the development of scalable models and tools to improve decision-making and accuracy.
Assimilate risk and compliance assessment data into concise reports and dashboards for leadership.
Skills and Attributes:
A self-starter who can drive tasks to completion independently and learn new skills as program requirements evolve.
Possesses strong business judgment, deep analytical thinking, and the ability to manage multiple responsibilities in a fast-paced environment.
Strong verbal and written communication skills and a solution-oriented approach.
Experience with information security frameworks and industry standards such as NIST 800-53, ISO 27001, and COSO.
Experience performing IT audits and control testing.
Experience using GRC tools and technologies to support the assessment and audit process.
Expertise in security control design, development, implementation, and monitoring.
Qualifications:
Bachelor's degree in Computer Science, Engineering, or a related field, or equivalent work experience.
CISA, CRISC, CISM, or CISSP certifications are preferred.
If this matches you, please apply or reach out directly for a confidential chat.
Skills: ISO 27001, SOC 2, GDPR, CISA, CRISC, CISM, CISSP
Benefits: Bonus, Pension & Healthcare