IT Auditor (Hybrid Schedule)
- Job Title
- IT Auditor (Hybrid Schedule)
- Job ID
- Work Hybrid
- Philadelphia, PA 19192
- Other Location
From our start in 2009, Conexess has established itself in 3 markets, employing nearly 200+ individuals nation-wide. Operating in over 15 states, our client base ranges from Fortune 500/1000 companies to mid-small range companies. For the majority of the mid-small range companies, we are exclusively used due to our outstanding staffing track record.
Who We Are:
Conexess is a full-service staffing firm offering contract, contract-to hire, and direct placements. We have a wide range of recruiting capabilities extending from help desk technicians to CIOs. We are also capable of offering project-based work.
Conexess Group is aiding a large healthcare client in their search for an IT Auditor. This is a long-term opportunity with a competitive compensation package.
This position requires a candidate local to the following locations to operate on a hybrid schedule (1-2 days onsite per week):
- Philadelphia, PA
- Minneapolis, MN
- The position will place you on the Integrated Risk Management team within the Information Protection (CIP) department.
- CIP is responsible for managing information security, including security risk management, for the organization.
- This team is focused on improving assurance program maturity through establishing risk quantification capabilities and integrating risk management practices in all assurance services.
- The Security Assurance Advisor role offers you the opportunity to support a unique program initiative intended to streamline assurance service delivery.
- This multi-dimensional initiative is focused on maturing a developed security assurance framework and re-organizing services to deliver using this framework to achieve a “test once, use as many as possible” philosophy.
- The Security Assurance Advisor will collaborate with team members on topics such as assessments governing system authorization, “crown jewel” asset evaluations, state and federal regulatory compliance assessments, issues management, and governance, risk and compliance (GRC). Team members will work closely with, and learn from, information system and control owners
- Develop strong relationships with IT and Security stakeholders
- Recognize best practices in performing information security controls
- Lead cross-team discussions in a virtual setting
- Effectively communicate project status to team members and senior management
- Recognize factors that contribute to an increase or decrease in inherent and residual risk
- Navigate ambiguity and provide recommendations on how to solve unstructured problems
- At least 3 years of IT audit or IT compliance experience with a Bachelor's Degree in computer related field or equivalent
- Client or customer-facing experience
- Project management experience
- Certification in information security and/or audit (CISA, Security+, SSCP, GSEC, etc) is preferred but not required
- Strong knowledge of security and regulatory control framework such as AICPA TSP-100a, NIST CSF, NIST 800-53, and HIPAA
- Proficiency using Microsoft Office and Microsoft Excel
- Experience working in large, complex IT organizations is preferred but not required