Cyber Security Auditor Lead
GDH has partnered with an enterprise organization in need of a Cyber Security Auditor Lead. The Cyber Security Auditor Lead works independently and within teams to process all work related to developing, planning, and executing internal cyber security audits. The Security Auditor Lead will use these audits to determine the adequacy, efficiency, and effectiveness of the internal security measures of the IT Department and all technology systems. The Security Auditor monitors the compliance and regulatory landscape, prepares compliance evidence and reviews, creates process documentation, and otherwise contributes to the development and maintenance of a sound information security program. The Auditor must drive progress, using influence to ensure that security controls are enforced. The Auditor acts as the subject matter expert for all PCI compliance issues and facilitates preparation of the annual Report on Compliance. They will also contribute to the yearly HIPAA and Data Privacy audits. The Auditor contributes to the completion of financial audits by gathering and producing evidence and exhibits relating to IT controls.
Responsibilities:
· Plan and execute audits focusing on information security, developing necessary tools, techniques, and programs to facilitate repeatable processes.
· Develop audit findings including recommendations for improvements in policies, procedures, and methods.
· Act as the primary IT interface with internal auditors, financial auditors, PCI auditors, HIPAA auditors, privacy auditors, and any other external auditors as required. Provide any requested information and arrange meetings with personnel. Provide responses and compensating controls to audit comments.
· For the above, ensure that security procedures are being followed, enforce best practices, ensure corrective action is taken when necessary, recommend changes to procedures, and initiate projects to correct problems.
· Conduct periodic audits to ensure that user provisioning and decommissioning processes are working as expected and in a timely manner.
· Keep informed of changes in equipment, infrastructure, or technology that require changes to existing audit and compliance procedures.
· Recommend changes in policies and procedures to the Sr. GRC Lead or Director of Cyber Security, then implement changes according to the prescribed approval process.
· Ensure that corrective action is taken whenever audits reveal deviations from applicable policies, procedures, or standards.
· Ensure compliance with relevant industry and governmental standards, including but not limited to the Payment Card Industry Data Security Standard and HIPAA standards (as they relate to IT practices).
· Keep apprised of changes to standards and inform leadership of material changes requiring mitigation.
· Facilitate the completion of annual PCI, HIPAA, and Data Privacy audits, then submit results to relevant internal and external parties.
· Participate in the creation and upkeep of information security processes and documentation.
· Participate in the general functions related to IT governance, risk, and compliance, including participation in the IT risk assessment process.
· Provide security support to the IT Department and the company at large.
· Troubleshoot and resolve security issues and problems for systems.
· Resolve problems and communicate solutions to customers.
· Participate in the design and implementation of end-user security strategy for new systems.
· Attend project meetings that require regulatory, compliance, or IT risk presence, and meet with business owners as needed.
· Participate in the evaluation and installation of third-party security tools.
· Attend training, professional group meetings, seminars, and read publications to remain current on trends, products, tools, and vendors, and how they apply.
Required education:
Associate's degree, preferably in MIS or Computer Science, or equivalent work experience.
Required experience:
Six years of experience in technical areas of IT. Three or more years of experience with security and/or standards administration. Experience with IT auditing methods and procedures. Experience with the PCI DSS standard (preferably in retail), IT-related HIPAA, and Data Privacy compliance.
Required skills:
Strong understanding of IT cybersecurity controls; risk/compliance frameworks such as ISO, COBIT, and NIST; compliance standards such as HIPAA and PCI DSS; and awareness of privacy regulations such as GDPR/CCPA. Knowledge of data analysis tools for auditing purposes. Strong written and verbal communication skills with keen attention to detail. Strong business process skills across the IT organization, with project management skills.
Desired skills:
Knowledge of Active Directory and Microsoft servers. Knowledge of AS/400 systems, web filtering software, and endpoint security software.