Technology Audit Analyst III

Job Description

Job Posting Title: Technology Audit Analyst III

Description: Title: IT Audit Analyst

Assignment Length: 3.5 months (fixed) (small chance of conversion)

Location: Remote - Atlanta, GA (Ideally local but open to EST)

Experience & Education:

• Bachelors plus 3+ years of technical audit experience in one of more of the following domains: Information security, IT infrastructure, business applications and enterprise risk assessment.
• Professional certifications or other information security certifications (e.g., CISA, CRISC, CIA, CISSP, CCSP, CCSK) are desirable.

Role:

• Support, execute and deliver IT risk reviews, security assessments, infrastructure health checks and other audits (compliance & operational)
• Assess effectiveness of controls and communicate observation and recommendations to internal business partners
• Maintain technical expertise, stay informed of news related to IT security as relevant to VMware and apply this knowledge and leading practices in your assignments (e.g., risk assessments, cloud computing, data analytical tools and review procedures)

Skills and Competencies:

• Relevant technical auditing skills including experience with reviewing and assessing IT vulnerabilities and risks
• Ability to communicate technical issues to non-technical audiences succinctly and ability to clearly articulate to IT and Business stakeholders alike
• Openness to receiving and providing constructive feedback and focused on continuous improvement through incorporating feedback provided into measurable action
• Ability to collaborate within teams, build and sustain relationships with business partners and team members
• Knowledge of current/emerging technology including SaaS, cloud computing, and virtualization
• Experience working with ISO 27001, 27002, 27017 and 27018 standards and SOC1/2/3 assurance attestations required
• Have a good understanding of the information technology industry and cloud service models (i.e. Software as a Service (SaaS), Infrastructure as a Service (IaaS),
• Platform as a Service (PaaS), etc.) and their related information security requirements
• Familiarity with most common cloud services providers like Amazon AWS, Microsoft Azure, IBM Cloud, Google Cloud, etc
• Awareness of current technology solutions from diverse vendors like Microsoft, Cisco, Palo Alto, SAP, Oracle, etc.
• Awareness of SDLC processes and their related information security requirements

Responsibilities:

• Under the guidance and supervision of engagement leads, participate in planning and audit scope development, as well as execute assignments as a critical team member on technology-related assessments
• Review and assess the effectiveness of the client's internal control and come up with recommendations that improve the effectiveness, efficiency of control or process
• Assess audit findings / gaps including control weaknesses with an appropriate degree of professional skepticism, seeking to fully understand risk exposure to VMware
• Areas of IT risk focus may include information security, cloud computing, IT operations and infrastructure, and SaaS transformation.
• Responsible for supporting the overall InfoSec Assurance strategy of protecting information assets and data.
• Supports new critical Information Assurance projects and initiatives.
• Supports the ongoing security compliance audits from customers and third-party vendor external information security assessments.
• Participates and supports internal policy assessments including but not limited to policy tests of compliance, effectiveness and developing value-added recommendations to improve internal IT controls and operational efficiency.
• Assess company processes and controls against ISO 27001, 27002, 27017, 27018 and other industry leading frameworks to identify gaps in design and execution and
• communicate issues and recommendations to control owners.

Interested in Applying?

We'd love to hear from you! Please click apply with your most current resume and anything else you'd like us to know about you. You should also feel free to call Pramod Kamti at my Direct no. 408-400- 2327 or email at