The Senior Information Risk Auditor is required to have strong skills that demonstrate proficiency with cybersecurity, information risk management, data security, cybersecurity and data privacy regulatory compliance (SOC 1-2, HITRUST, HIPAA) auditing, testing, customer service and information assurance. The Senior Information Risk Auditor will be working directly with clients testing and validating policies and procedural controls ensuring the confidentiality, integrity, and availability of their data.
- Leads client projects
- Serves as a key member of the teams performing attestation engagements for HITRUST and SOC 1 and 2, and supplies finished work product, testing, and reporting.
- Prepare clear and concise working papers and reports to the engagement principal or partner.
- Experience performing internal or external audits of information technology/cybersecurity/regulatory controls
- Has regulatory compliance skills in relation to key legislation such as the Health Insurance Portability & Accountability Act (HIPAA), Payment Card Industry (PCI), the National Institute of Standards and Technology (NIST) and the Gramm-Leach-Bliley Act (GLBA) and compliance assessments.
- Assess and prepare meaningful and well-written recommendations for inclusion in client correspondence.
- Demonstrate the ability to identify issues and apply data protection principles and auditing procedures.
- Work independently as needed on client projects in and out of the office.
- Develop positive working relationships with clients.
- Maintain and promote ethical and firm values in conducting internal and external business activities.
- Develops effective working relationships between the client and the Firm/FoxPointe.
- With little oversight, leads engagements to ensure on-time, accurate delivery and client satisfaction.
- Communicates status to Managing Consultant/PM/Principal on a timely basis.
- Proactively seek out opportunities to continuously develop and build on existing and new skills to support your professional growth within the Firm/FoxPointe.
- Obtain additional industry certifications as well as maintain existing certification.
- Keep up to date on current events and work with the team to determine the impact on a client's business.
- Mentors and supports the professional development of others.
- Seek opportunities to network internally and externally to build professional relationships
- Excellent “soft skills”: verbal, customer service, and written communication skills
- Ability to work outside of normal business hours at peak client service delivery times
- Ability to develop and sustain business relationships for the purpose of increasing the firm’s client base
- Strong organizational, problem-solving, and analytical skills
- Flexible approach to tasks that may change daily.
- Analytical ability to break down problems into constituent parts.
- Ability to actively listen and question appropriately to gain full understanding.
- Computer proficiency and ability to effectively use firm technology
- Skilled in Microsoft Office suite
- A bachelor's degree in computer science, IT, Accounting, Cybersecurity, or relevant majors/minors or commensurate experience.
- Certification in one of the following: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager certification (CISM), Certified HITRUST CSF Practitioner (CCSFP), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), Certified HITRUST Quality Professional (CHQP), Security+ and CSA+.
- Three+ years' experience working on cyber audit and attestation projects (HITRUST, SOC 1/2, ISO 27001).
- Solid understanding of security assessment and management is required.
- Security design, architecture and implementation is necessary.
- Cybersecurity, data security and data privacy regulatory compliance understanding is essential.
- Great project management and communication skills are a requirement.
- In-depth knowledge of data protection regulations and technology supporting fraud detection.
HOURS OF OPERATION:
- Our office hours are 8:00 a.m. to 5:00 p.m.
- Our summer hours are 8:00 a.m. to 5:00 p.m. Monday through Thursday, and 8:00 a.m. to noon on Friday.
- The ability to work additional hours during busy season is critical, but the rest of the year, flexibility is key.
In the fast-changing accounting industry, FoxPointe Solutions, a division of the Bonadio Group, is always on the cutting edge of growth and innovation. Top-rated employee policies keep our workforce energized and advancing, and because of our many teams and specialty services, we offer more paths to partnership, including non-traditional arrangements. Add to that our robust training and mentoring programs, and the opportunities for growth really add up. Truly, at FoxPointe Solutions, your trajectory is limitless. Get on board, grow with us, and find your path to partnership. Apply today!
We are an Equal Opportunity/Affirmative Action/AA Disability/Veteran Employer