Location: Hartford, CT
Position Type: Long-term Consulting Position – Possible Consultant to Hire
Salary: $65 to $80 per hour D.O.E.
Position Number: 9519
The Senior IT Security & Compliance Auditor will be responsible for assisting with developing, implementing and maintaining a Risk Management Framework, including assessing and evaluating IT risks and internal controls to ensure the company is compliant with all state and federal regulations. This role will continuously assess the adequacy and effectiveness of the IT controls and provide expertise and guidance on the risk mitigation plans across the infrastructure and information systems to satisfy compliance requirements and manage risks to an acceptable level.
· Assists with developing, implementing, and maintaining a Risk Management Framework.
· Leads and conducts ongoing IT audits and/or assessments in accordance with various regulatory requirements, specifically NIST 800-53 and IRS Publication 1075.
· Develops audit processes and procedures and documents test results with recommendations.
· Performs an annual risk assessment of the AHCT environment.
· Collaborates with the IT functional teams and other stakeholders to review, analyze and develop enhanced IT controls from the compliance and security perspective.
· Partners with IT functional teams and other stakeholders to ensure action plans are effectively designed and successfully implemented.
· Provides management with guidance and expertise on IT risk management matters, including infrastructure, security and industry standards.
· Ensures proper policies, procedures, risk mitigation activities, and operating controls are followed.
· Assists with selection, design, and implementation of the Governance, Risk and Compliance (GRC) tool.
EXPERIENCE AND SKILLS:
· BA/BS in Management Information Systems, Cybersecurity, Computer Science or related IT field and/or equivalent industry experience.
· A minimum of 5 years of experience auditing IT systems.
· One or more of the following certifications is required:
o Certified Information Systems Auditor (CISA)
o Certified Information Systems Security Professional (CISSP)
o Certified in Risk and Information Systems Control (CRISC)
o Certified Information Security Manager (CISM)
· Experience with Cybersecurity Frameworks including the National Institute of Standards and Technology Cybersecurity Framework (NIST-CSF).
· Advanced knowledge of hardware, software, data, and network principles and systems.
· Experience with IT Risk Management principles including industry leading practices, industry frameworks, and processes.
· Solid comprehension of data protection strategies, network and system vulnerabilities, security information and event management, malware, emerging threats, attacks, and vulnerability management.
· Excellent problem-solving, analytical, and written/oral communication skills.
· Ability to collaborate with internal and external stakeholders in an effective manner that produces desired results.
· Ability to effectively lead and meet business objectives in a highly collaborative and high-performance work environment.
To view other Hallmark jobs, please go to www.HallmarkJobs.com.
Hallmark and our Client are Affirmative Action, Equal Opportunity Employers. We encourage all qualified people with the current right to work for any employer in the USA to apply.