Cyber Security Audit and Compliance Specialist

Dallas, Texas
19 Sep 2016
28 Nov 2016
Contract Type
Full Time
P osition Summary:

Plans and conducts audits, security reviews and assessments of information systems, security controls and applications to safeguard assets, ensure accuracy of data, and promote operational efficiency.

Technical/Functional Responsibilities:

  • Perform business and technical analysis, consulting, audit and security assessments focused on cyber security solutions and various information systems (e.g. Database, Applications and Middleware)
  • Analyzes, evaluates, and documents user permissions, security parameters, and possible interfaces for applications including ERP systems and/or modules.
  • Tasks may include segregation of duties analysis, data flow understanding, information technology (IT) security risks and controls, by utilizing third party analysis tools
  • Provide solution recommendations based on identified control gaps or deficiencies
  • D evelop procedures or other remediation recommendations based on issues identified
  • Consult with ERP development and administration teams on configuration and implementation parameters for user access controls
  • Other tasks may include performing IT audits, IT risk assessments, general IT control reviews, Service Organization Control (SOC), other IT security consultative services
  • Interviews various personnel and examines records to identify anomalies or suspicious patterns of activity
  • Analyzes data to evaluate effectiveness of controls and determine accuracy of reports, and efficiency and security of operations
  • Writes audit reports to document findings and recommendations
  • Devises controls for new or modified applications to prevent inaccurate calculations and data loss, and to ensure discovery of errors

Basic Qualifications
  • Bachelor's degree in MIS, Business or Accounting
  • Four to six years cyber security, auditing or IT operational experience, including technical knowledge of various security applications and approaches; including experience with ERP controls (Oracle and PeopleSoft)
  • Understanding of IT Controls frameworks/compliance including Sarbanes-Oxley; COBIT; COSO; ISO 2700x; UCF, SANS/CIS, etc.
  • Strong verbal and written abilities
  • Strong multitasking and project management skills

Preferred Qualifications:
  • Experience in diversified, global operations utilizing complex applications and ERP implementations
  • CISA, CISSP, CISM, CRISC, CGEIT certifications (or in process)
  • Professional services or cyber security consulting background
  • Network and operating systems security experience
  • Must possess a high degree of integrity and confidentiality
  • Ability to put forth additional effort to meet deadlines, including limited travel when necessary