Jobs · Accounting · North Carolina

Cybersecurity Audit Associate

SMBC Group · Charlotte, NC · 2 wk ago
AccountingFull-time

Role Responsibilities

  • Conduct regular audits of cybersecurity and technology related areas assessing adherence to firm and regulatory requirements and assessing design, operating effectiveness and sustainability of associated controls.
  • Create audit issues and reports that clearly articulate results, conclusions and recommendations for review with senior audit management and auditees.
  • Challenge the ongoing coverage of cybersecurity and technology related areas and present ideas for improvement.
  • Facilitate risk issue tracking to promote timely remediation.
  • Track and validate closure of issues raised by IAD, external auditors, regulators, and self-identified by stakeholders, including recommending additional actions when necessary.
  • Work collaboratively with colleagues and auditees to identify risk concerns and agree reasonable solutions.
  • Forge strong partnerships with colleagues in other technology and control functions including legal, compliance, data security and risk management to promote front-to-back collaboration across risk assessment and findings remediation.
  • Partner with audit colleagues in other business verticals and/or geographies to share best practices and drive greater consistency. Seek out opportunities to engage with stakeholders outside of formal audit periods to drive deeper relationships.
  • Stay up-to-date with evolving industry/regulatory changes impacting the business and participate in appropriate control forums.
  • Conduct regular Continuous Monitoring activities and auditable entity updates.
  • Recognize the confidential nature of IAD communications and access to information; exercise discipline in protecting the confidentiality and security of information in accordance with IAD policies and procedures.

Qualifications and Skills

  • Minimum of 3 years of Cybersecurity/audit experience in the banking and/or technology industry.
  • Knowledge and experience in various Technology and Cybersecurity domains, e.g., Identity and Access Management, Vulnerability Management, etc.
  • Knowledge of cybersecurity related risks (i.e., Governance, Identify, Protect, Detect, Respond, Recover, Supply Chain, and Demand Management).
  • Knowledge of industry relevant standards (e.g., NIST, CRI) and related regulatory expectations (e.g., NYS DFS 500, FFIEC).
  • Knowledge of audit techniques, risk and internal controls assessment, and workpaper standards. Ability to manage and execute audits, from planning to audit closing.
  • Strong strategic thinking skills including the ability to identify and assess technology related risks.
  • Excellent communication (both verbal and written), presentation and professional skills including the ability to interact effectively at all levels within the organization.
  • Enthusiastic and self-motivated, effective under pressure and willing to take personal responsibility/accountability.
  • Bachelor’s Degree in Information Technology, MIS, Finance, or related field. Advanced degree is a plus.
  • Working knowledge of Microsoft Office Suite (Outlook, Excel, Word, PowerPoint).

Similar jobs