Security Auditor Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the security auditor job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits each job you apply for

Oleta Friesen
4897 Jamison Plains, Philadelphia, PA
Phone: +1 (555) 331 9365

Experience

Security Auditor
Rice and Sons, New York, NY
  • Assist our customers and regional specialists during independent audits of customer installations
  • Define and develop standardized documentation for the security capabilities of our products
  • Precise, punctual working manner
  • Participating in development of security procedures
  • Participating in promoting company-wide security standards
  • Coordinating physical protection matters of Wizz Air bases
  • Monitoring activities of Wizz Air departments and contracted partners related to security

Information Security Auditor
Watsica, Hane and Grady, Philadelphia, PA
  • Advising and assisting other offices on policy development, including the Office of the Chief Information Security Officer for Michigan Medicine
  • Assisting in development, review, and dissemination of information security awareness communications in coordination with other institutional stakeholders
  • Providing subject matter expertise to the Compliance Education Committee
  • Provide advice based on the corporate standards, external legislation and general best practices to safely guide the business past the pitfalls of cyber threats
  • Work alongside the security risk assessment programme to identify and document any risks that are discovered
  • Monitor that audit findings are followed up by the system owners for closure of any non-conformances, following up with secondary audits to ensure the work is being completed
  • Plan and develop audit scopes for key technology across the group

Senior Principal IT & PCI Security Auditor
Wisoky, Gaylord and Rau, Phoenix, AZ (present)
  • Execute audit fieldwork autonomously in accordance with audit work programs
  • Help make improvements and give recommendations for IT Security and PCI program enhancements
  • Drafts clear and meaningful findings, assessment reports, work papers, presentations, and other materials for presentation to management
  • Assist in providing compliance training to IT and audit staff
  • Report status to senior management and executive management
  • Interface and work with card brands, merchant banks, third party service providers such as data centers and call centers
  • Lead meetings to deliver PCI DSS and status reports to business compliance leads, IT and management

Education

Bachelor’s Degree in Computer Science, Towson University

Skills
  • Strong ability to investigate and report any findings in a clear and timely manner
  • Basic knowledge of IT Security and risk management
  • Excellent attention to detail
  • Ability to multitask
  • Excellent Understanding of all bet types
  • Good written and verbal communication skills
  • Maybe hold a CSSLP (Certified Secure Software Lifecycle Professional) or similar
  • High standards and a keen attention to detail
  • Ability to work in a team
  • Good concentration in reviewing large volumes of transactions
13 Security Auditor resume templates

1

Software Security Auditor Resume Examples & Samples

  • COBOL
  • C/C++
  • PHP
  • Ruby
  • ABAP
  • ColdFusion
  • Various development environments and frameworks a plus (Visual Studio, XCode, VS Razor, Django, Google App Engine, Rails, etc)
2

Information Security Auditor Resume Examples & Samples

  • Reviewing and evaluating IT operations, physical security, hardware configurations, IT systems and operating procedures in use throughout Humana for compliance with established controls, policies, standards and procedures
  • Providing technical consultation on Security Tools and Technical Controls
  • Master's degree
  • Extensive IT Security Experience
3

Senior Cyber Security Auditor Resume Examples & Samples

  • Lead audits assessing compliance with IA policies or standards across an organisation or business unit; e.g. IA maturity assessments, compliance with ISO 27001, departmental standards, relevant industry or private sector schemes
  • Identify opportunities for greater business benefits through improvements of controls
  • Provide supervision and guidance to the IA auditors they are assigned to lead and take responsibility for their audit findings
  • Develop audit plans to meet audit objectives and take responsibility for their delivery (and seek to refine and improve these to maximise benefits)
  • Lead audits to identify improvement needs and assess the management of information risk across the organisation or business unit
  • Report and justify audit findings to clients with minimal supervision
  • Review the effectiveness of information risk management
  • Must be flexible and be prepared to work on a variety of customer sites and locations as the business demands
4

Senior Principal IT & PCI Security Auditor Resume Examples & Samples

  • Conduct IT Security and PCI DSS assessments
  • Collaborate with IT and Business Stakeholders
  • Test IT Technical Controls including validation of implementations
  • Review and analyze technical documents, including information security policies, compliance standards, and system component inventories
  • Understand, analyze and interpret network diagrams, data flow diagrams, server log files, vulnerability scan reports, firewall and router configurations, database schemas, IDS/IPS and FIM logs
  • Conduct datacenter walkthroughs and test for PCI DSS Requirement 9 (physical security)
  • Report status to senior management and executive management
  • Interface and work with card brands, merchant banks, third party service providers such as data centers and call centers
  • Assist in communicating the PCI DSS Program objectives across the enterprise
  • Build strong relationships with the business owners, IT management and operations staff
  • Assist in providing compliance training to IT and audit staff
  • Advise and partner with the business and IT on findings remediation efforts
  • Remain current with PCI DSS and new information from the PCI SSC and card brands, as well as all IT Security and Cybersecurity best practices
  • Lead meetings to deliver PCI DSS and status reports to business compliance leads, IT and management
  • Execute audit fieldwork autonomously in accordance with audit work programs
  • Help make improvements and give recommendations for IT Security and PCI program enhancements
  • Drafts clear and meaningful findings, assessment reports, work papers, presentations, and other materials for presentation to management
  • Coordinates all assessment efforts with business process owners, regional management, and IT teams
  • Performs data analytics to identify trends, anomalies, and areas of focus for IT Security assessments
  • Bachelor's degree in computer science or an equivalent combination of education and experience
  • Current or past QSA or ISA preferred but not required
  • CISSP, CEH, CISM, CISA, CRISC (or other top InfoSec certifications) preferred
  • Experience in a large technology firm preferred
  • Experience with an Oracle ERP environment preferred
  • Strong drive for results
  • Supportive teacher and trainer
  • Ability to explain complex technical concepts in simple, easy to understand terms
  • Flexible with many changing priorities
  • Positive mindset toward change and adaptation
  • Some experience with audit and compliance activities including: Sarbanes Oxley, PCI DSS, Security Risk Assessments and IT Security audits (not required; will train the right person)
  • Ability to comfortably interact with senior management in a consultative manner
  • Understanding of business processes, risks, controls, and security controls (e.g., Access Management, Logical and Physical Security, Networking security standards)
  • Strong IT background and understanding of networks, servers, workstations and applications
  • Understanding of Virtualization and Cloud technology is preferred
  • Passion for Security and Security as a mindset is required
5

Information Security Auditor Resume Examples & Samples

  • Develop detailed audit execution plans
  • Work with multiple teams and personnel to gather audit evidence within specified timelines
  • Advise technical team members on methodologies to be compliant with a given set of controls
  • Present findings to audited technical teams and negotiate suggested action plans
  • Maintain solid fundamental understanding of Oracle Cloud services at a technical
  • Foster a positive work environment by soliciting feedback from colleagues and developing the skills of staff auditors
  • Knowledge of at least one of the following compliance frameworks: SSAE 16 SOC 1, SOC 2, ISO27001/ISO27002, PCI-DSS, or HIPAA
  • Knowledge of Cloud delivery models
  • Good understanding and knowledge of business risks related to IT system general controls, systems / applications development, change management, logical access security, security technologies, local area network and wide area network concepts, contingency and recovery
  • Working knowledge of technology infrastructure (UNIX and Windows environments, Routers, Firewalls, Networking protocols, Encryption, Cloud Services, and/or Data Loss Prevention products)
  • Travel up to 25%, with ability to travel overseas
  • Prior experience with Cloud delivered services
  • Experience with Sarbanes-Oxley preferred
  • CISA, CISSP, CISM, or other relevant certification preferred
  • Previous experience in compliance consulting a plus
6

Infrastructure / Information Security Auditor Resume Examples & Samples

  • Execute all audits in accordance with professional standards
  • Assists audit management in preparation & execution of the audit plan
  • Prepares Audit work program and understands the specific risks to be evaluated
  • Performs evaluation of internal controls, testing of processes
  • Performs reviews of major financial and operational processes
  • Perform detailed testing for information system integrity and transaction accuracy
  • Perform tests on the effectiveness of the Internal control environment within SG
  • Maintains clear work papers and audit trail of the work done in the appropriate tool
  • Write formal & clear reports to communicate audit results to management
  • Makes appropriate recommendations to improve SG processes
  • Timely issuance of the audit reports
  • Follow up on issued recommendations in a timely manner and escalate when needed
  • Acquire knowledge on activities and risks during assignments and via training
  • 4 - 7 years of relevant experience
7

Cyber Security Auditor TS SCI Required Resume Examples & Samples

  • Must be DoD 8570: IAT III and CND-SP Specialty: CND Auditor
  • Work location Colorado Springs, CO
  • Must be willing to work night shifts; weekend day or night shifts; and Federal Holiday day; includes shift differential pay
8

Cyber Security Auditor TS SCI Required Resume Examples & Samples

  • Discover; identify; mitigate and report intentional or unintentional unauthorized use of customer information and information systems
  • Monitor for fraud; waste and abuse; including content inappropriate to the workplace; Illegal Activity; Productivity Loss and Non-Compliant Activity and provide support to Threat Mitigation Cell; Law Enforcement; General Counsel; Inspector General; customer privacy Office; and the customer Operations Security (OPSEC) Office through investigative research; forensic examination; internet monitoring and formal reporting
  • Identity Leakage (PII) Related; DoD Directive 54000.1; Privacy Program; which constitutes detection of SSN#s; Credit card information and other Personally Identifiable information. The Analyst must determine if information constitutes a violation of Personally Identifiable information especially when the information is sent outside Government network; Information does not belong to person sending it; information is not encrypted or password protected
  • Produces case evidence and reports
  • Work on special projects as assigned
  • Desire candidates with experience using cyber tools such as: Splunk; ArcSight; Fidelis; FireEye; Solera; Lancope. Experience with operating systems and databases a plus
9

Information Security Auditor Resume Examples & Samples

  • Perform security risk audits and reviews on new / existing applications and infrastructure, presenting results to management, making recommendations for information security risk reduction
  • Maintain awareness of emerging threats and how they can impact the company
  • Partner with Information Security group for collaborative prioritization of reviews including third party / vendor audits
  • Consult on other internal audit projects on potential security exposures
  • Support security awareness within the organization
  • Requires a Bachelor's degree along with at least 12 years of prior related work experience
  • CISA certification is required - may be obtained within 24 months of hire
  • At least one security certification is needed such as: CISSP, CCSP, CRISC, CIPP, or CIPT
  • Prior experience and knowledge in areas such as emerging risks, cloud adoption, third party risk management/ vendor evaluation, regulatory requirements, physical and logical access control, device hardening, and security risk management
  • Experience working in or managing SOC 1 and SOC 2 reviews / audits
  • Experience evaluating controls relative to information security frameworks such as NIST Cybersecurity framework or ISO 27001/2
  • Technical ability – strong understanding of technology and associated risks, how to leverage it appropriately
  • Excellent communications skills, verbal and written, as well as listening and interviewing
  • Excellent analytical skills including: problem solving; root cause analysis, experience with data analysis techniques and tools
  • Adaptability, flexibility, and creativity
  • Strong project management skills, including intermediate knowledge of project management software
  • Excellent influencing and relationship building skills, including negotiating skills
  • Advanced knowledge of Microsoft Office tools
  • Subject Matter Expert knowledge of IT Audit frameworks (COBIT), Microsoft Excel and ACL (Audit Control Language)
  • Gainshare bonus of up to 40% of salary (paid to all employees based on the company’s achievement of annual performance objectives)
  • Ongoing training and opportunities for career advancement
  • Diverse, welcoming culture with Employee Resource Group
  • Casual dress
  • Wellness program with discounts & rewards, and onsite gym
  • Onsite healthcare and the standard benefits (medical, dental, vision, 401k)
10

Security Auditor Resume Examples & Samples

  • Review transactions within the Retail betting business
  • Review staff and customer behaviour via transactions
  • Highlight trends and issues
  • Investigate and follow up queries
  • Deal with shop staff, internal and third parties queries
  • Handle documentation returned from shops according to SLAs and KPIs
  • Excellent Understanding of all bet types
  • Good concentration in reviewing large volumes of transactions
  • Self-managing and motivating skills
  • Strong ability to investigate and report any findings in a clear and timely manner
  • High standards and a keen attention to detail
  • Flexible approach to work
  • PC skills, especially Excel
11

Information Security Auditor Resume Examples & Samples

  • Work with all areas of the business to ensure that strategies relating to Information Security fit with company requirements
  • Develop audit scopes and programmes that demonstrate commercial awareness and address key technology and business related risks
  • Auditing internal practices for SDL against the current Information Security and compliance standards
  • Auditing partners against applicable compliance standards and contractual obligations
  • Document, publish and maintain key information relating to security processes and architecture; utilising documentation tools, standard templates and the document approval processes
  • Support RFX/pre-sales process, conduct presentations, and support client-specific meetings (including audits) when required
  • Continually review and improve upon existing systems by engaging with key Business owners to discuss issues/concerns relating to service\system function
  • Support the larger initiatives for Business Continuity and Disaster Recovery across SDL product suite
  • Contribute to the development of policies, standards and guidelines that define the use of Information Technology within the enterprise
  • Provide support, direction, guidance and training to the larger SDL organisation and functions as required
  • Support risk assessments against new and existing technology being sure to report and act upon any discovered weaknesses
  • The ability to use your own initiative
  • Analytical thinking and attention to detail
  • The ability to work effectively on your own and as part of a team
  • Strong ethical standards and high levels of integrity
  • The ability to think objectively and demonstrate sound judgement
  • Organisation and facilitation skills
  • Resilience under pressure
  • Being able to explain complex issues to inexperienced people
  • Ideas generator and innovator: always asking Why? How?
  • Flexible thinking and ability to adapt to change
  • 6 months prior experience of auditing information systems and corporate operations
  • In-depth knowledge of the ISO 27001 and other industry recognised frameworks and standards
  • Audit experience in highly regulated industries such as Life Sciences, Financial or Government is desirable
  • Strong technology skills and knowledge of a broad range of areas including networking, software development lifecycle, server and cloud based technologies
  • Flexibility to travel globally (when needed). Estimate less than 30% of time
  • Self-starter requiring little supervision to complete tasks independently, curious, fast moving pace, self-developer, exhibits interest in world outside SDL and seeks to learn lessons to apply internally
12

Senior Cyber Security Auditor Resume Examples & Samples

  • Develop Audit and Compliance standard work processes, templates and tools
  • Support Corporate and External Audits of SPS Products
  • Communicate and partner with issue owners to ensure remediation activities of all issues are being completed on time to plan
  • Develop and track metrics ensuring that the Audit, Compliance, and Process mandates are being followed
  • Strong working knowledge of software development
  • In depth knowledge of BSIMM, and OPENSAMM
  • Excellent communication and facilitation skills
  • Strong Coaching and Influencing Skills
  • Exceptional planning and organization skills
13

Security Auditor Resume Examples & Samples

  • Monitoring effectiveness of the Wizz Air Security Program according to security quality control program
  • Monitoring activities of Wizz Air departments and contracted partners related to security
  • Maintaining effective security liaison with Civil Aviation Authority of Hungary, Hungarian airport authorities, law enforcement and government agencies
  • Participating in promoting company-wide security standards
  • Participating in development of security procedures
  • Coordinating physical protection matters of Wizz Air bases
  • Participating in airline risk and threat analysis
  • Reporting all actual or suspected acts of unlawful interference to the appropriate authority
  • Participating in investigations on security-related matters
  • Analyzing security-related reports from company departments on security-related matters and taking appropriate actions
14

Cyber Security Auditor Resume Examples & Samples

  • Develop compliance, risk assessment, and standards and processes leveraging Corporate Policies, BSIMM, and OPENSAMM
  • Perform internal audits against selected SPS priority projects to demonstrate compliance with appropriate policies and standards
  • Report monthly metrics of issues and vulnerabilities
  • Bachelor’s degree in computer science or software engineering, electrical engineering or other appropriate field
  • Strong knowledge of auditing principles and how to apply them to internal and external audits
  • Outstanding presentation skills
  • Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project teams
  • Audit certification or proven working experience as an auditor
  • Demonstrates strong interpersonal skills, including the ability to effectively listen and communicate with others to resolve conflicts in a professional manner
  • Ability to start and persist with specific courses of action while exhibiting high motivation, sense of urgency, and ownership
15

Software Security Auditor Resume Examples & Samples

  • Manage and mentor staff. Build an effective team that strives to help the organization continuously improve and adopt new technologies and practices
  • Work with SW Engineering and others to schedule and drive tool migrations and timely adoptions
  • Ensure staff supporting tools and staff using tools have the training needed to excel
  • Serve as point person for tools on Engineering CCB
  • Stay current with new tools and best practices and share with others
  • Establish and maintain vendor relationships
  • Good knowledge of ALM tools and how they can effectively support and enhance secure software development practices
  • Managing eco-system of ALM tools including
  • 3-5+ years’ management experience in the field or related area
16

Information Security Auditor Resume Examples & Samples

  • Preparing or reviewing HIPAA Security Compliance Assessments for new information systems and information technology services
  • Evaluating assurances of security and compliance for vendors and partners accessing Michigan Medicine Health Information
  • Answering security compliance and policy questions raised by Michigan Medicine workforce, assigning and triaging to other departments as appropriate, recognizing and escalating critical issues
  • Advising and assisting other offices on policy development, including the Office of the Chief Information Security Officer for Michigan Medicine
  • Tracking, reporting, and escalating violations of information security policy
  • Supplemental review and tracking of information security policy exceptions
  • Assisting in development, review, and dissemination of information security awareness communications in coordination with other institutional stakeholders
  • Identifying information security risk areas where further awareness and training is needed within the institution
  • Providing subject matter expertise to the Compliance Education Committee
  • Presenting pertinent information security topics, outreach sessions, and in-service training
  • Reviewing and following up on the implementation of Corrective Action Plans by departments
  • Assisting Privacy Compliance team in breach risk analysis associated with security incidents, interpreting and validating (as needed) the conclusions reached by Information Assurance
  • Continuous auditing of the application of university Security Risk Management processes to above units, including assessment and remediation
  • Maturing the HIPAA Risk Analysis for Michigan Medicine and assuring Risk Analysis across the University of Michigan covered entity
  • Measuring the effectiveness of security compliance programs through data analytics and the creation of metrics
  • Requires a bachelor's degree and 3-5 years of relevant experience in IT administration or security, or an equivalent combination of education and experience
  • Requires understanding of information security mechanisms and concepts, including the risk management framework
  • Requires strong analytical and creative problem-solving abilities
  • Requires excellent writing, communication, interpersonal, presentation, and organizational skills
  • Requires the ability to work effectively and collaboratively as an individual contributor or team member in a diverse work group and the wider university community
  • Requires the ability to work independently while completing assignments on time, with consistent high quality
  • Requires solid organizational, time management and leadership skills, including the ability to successfully work on multiple projects simultaneously
  • Requires proficiency in basic office productivity and task management tools – Excel, Word, Powerpoint, Outlook
  • Deep knowledge of and experience in applying HIPAA and associated guidance; other laws and regulations relevant to healthcare or academic medicine; and NIST security standards is preferred
  • Experience performing certification and accreditation under FISMA is preferred
  • Security, compliance, or auditing certifications such as CISA, CISSP, HCISPP, or CIA are preferred
  • Experience working in healthcare, especially academic medical centers or other large healthcare delivery organizations is preferred
  • Experience planning, performing, and reporting on audits is preferred
  • Experience analyzing data and creating or calculating metrics is preferred
  • Experience solving problems through LEAN is preferred
17

Information Security Auditor Resume Examples & Samples

  • Participate in the planning, execution and reporting of the internal assessment for the annual FISMA and ISO 27001 audits to include formulating questions and review topics, collecting and evaluating evidence and preparing reports and documentation in an appropriate format
  • Prepare responses to customer security questionnaires in support of new business opportunities
  • Establish enterprise information security auditing separate from annual assessments, to include auditing existing computing systems, IT processes, and other areas as required
  • Use appropriate methods to monitor internal compliance with PII, records management and other RELX policies as assigned
  • Plan, execute and report information technology, privacy, and operational reviews in order to identify business, privacy, security, compliance, information technology and regulatory risks
  • Perform other job related duties as required
  • BA or BS degree in MIS, Accounting, or related field
  • Three years of audit or Information Security experience including at least one year of systems audit experience
  • Working knowledge of FISMA/NIST 800-53 or ISO 27001, policy and procedure review and document management, gap analysis, risk assessments
  • CISA and/or GIAC Systems Network Auditor certifications preferred
18

Information Security Auditor Senior Resume Examples & Samples

  • Continuous auditing of security compliance for university units working with Michigan Medicine Health Information or with any HIPAA Protected Health Information
  • Communicate
  • Experience working in academic medical centers or other large healthcare delivery organizations is preferred
  • Experience working directly with clinicians and university faculty is preferred
  • Understanding of internal controls is preferred
  • Experience writing or editing policy is preferred
  • Experience diagramming business processes and data flows is preferred
  • Knowledge of Michigan Medicine or U-M policies is preferred
  • Security, compliance, or auditing certification such as CISA, CISSP, HCISPP, or CIA is preferred
  • Experience working in healthcare, especially in academic medical centers or other large healthcare delivery organizations is preferred
  • Experience solving problems through LEAN is preferred
19

Security Auditor / Consultant Resume Examples & Samples

  • Diplomacy
  • Able to work across the organization
  • Leadership ability
  • Mediation skills
  • Strong verbal and written Communication
  • Independent Decision making
  • Lean Six Sigma Green Belt?
  • CISA, CISM and/or CISSP
20

Information Security Auditor Resume Examples & Samples

  • Seasoned security practitioner with a minimum of 8 years of cyber security experience and 10 years of total Information Technology experience
  • Ability to quickly grasp the complex technical systems that comprise Symantec’s service line
  • Ability to identify and understand business drivers and risk tolerances from interviews
  • Ability to rapidly execute on and finish risk-based internal audits in support of a certified Information Security Management System (ISMS)
  • Strong analytical and probing skills
  • Excellent communication skills (in English) – particularly on verbal telephone interviews and written reports
  • Strong knowledge of information security and risk management processes
  • Experience of internally auditing technical systems and processes or on the auditing of quality systems would be highly valued
  • CISSP, CEH, and PMP certifications strongly preferred
21

Security Auditor Resume Examples & Samples

  • Continuously refining our Security Test and Verification policies
  • Evaluate impact from new customer requirements, compliance frameworks, and relevant standards on our policies and procedures
  • Engage with independent auditors, certification bodies etc
  • Assist our customers and regional specialists during independent audits of customer installations
  • Participate in the continuous refinement of processes and technology
  • Define and develop standardized documentation for the security capabilities of our products
  • Preach the gospel of security, auditing and testing within Vestas R&D
  • You are results driven, and can get things done
  • You contribute to creating a well-functioning team, and engage respectfully with your peers
  • You strive for cooperation to achieve a common vision and common objectives
  • Basic knowledge of IT Security and risk management
  • Basic programming/scripting skills
  • Software Security Assessment frameworks (OWASP or similar)
  • Can view beyond IT and accommodate Industrial Control Systems (ICS) as well
  • Maybe hold a CSSLP (Certified Secure Software Lifecycle Professional) or similar
  • English: Proficient
22

Information Security Auditor Resume Examples & Samples

  • Document, publish and maintain key information relating to assessed security processes and audit findings utilising documentation tools, standard templates and the document approval processes
  • Support client-specific meetings (including vendor audits of SDL) when required
  • Continually review and improve upon existing systems by engaging with key business owners to discuss issues/concerns relating to processes, services, and system functions identified during internal audits or risk assessments
  • Support risk assessments against new and existing technology, report and act upon any discovered weaknesses
  • Knowledge of ISO 27001 and other industry recognised security frameworks and standards
23

Information Technology Security Auditor Deloitte Global Resume Examples & Samples

  • Manage and continually improve the processes surrounding the ISMS (Information Security Management System)
  • Produce monthly and quarterly reports and metrics related to the ISMS
  • Maintain all ISMS policy and process documentation in the global document repository
  • Liaise with GISO, Project Management and Business Solutions teams to ensure continued support of the ISMS and compliance to the security related processes
  • Coordinate/execute all internal and external IT audits including but not limited to ISO27001, SOC2, ISO27017, ISO27018, ISO20000 audits
  • Execute yearly Risk Assessment process including risk treatment management and corrective action planning
  • Manage the end to end Privacy Shield certification process for DTTL business process areas
  • Represent GTS in Global Security initiatives
  • Participate as needed in post mortem activities
  • Ensure awareness of, training in and compliance with all Information Security Management System policies and procedures, and be responsible for all information security assets
  • Report any breaches in information security or policies
  • Collate data and distribute daily and monthly operational reports OR Produce daily and monthly reports on Compliance activities
  • Contribute to, produce and maintain processes, procedures, operational documentation as well as drive continual improvement initiatives related to Service Management
  • Train new staff in audit processes and procedures
  • Work with CTO leadership and applications teams in reviewing new documentation
  • Ability to explain ISO 27001 in layman business language for consumption by business leaders, practitioners and client engagement team leaders. Level of knowledge, confidence and finesse to represent IT security in meetings with senior leaders
  • Proven experience in implementing/improving ISMS process
  • Advanced understanding and recent experience with ISO 27000 family of standards including (but not limited to): ISO 27001 requirements (clauses 4-10) and ISO 27002 control guidance, ISMS methodology implementation, solution design and process design
  • Risk treatment management and corrective action planning
  • Core Microsoft infrastructure applications including but not limited to: Microsoft Windows Server Operating System, Exchange, IIS, SQL, System Center and other applications as deployed by the firm
  • Demonstrates ability to influence decision-making through high level analysis and interpretation of data from multiple sources. Ability to critically analyze results to detect data errors, anomalies or conflicts. Relates analysis to business strategy and process
  • Ability to lead the execution of the key operational and support processes, identify improvement opportunities and lead the development of the identified improvement efforts
  • Ensures the primary goals of GTS IT governance (for investments to generate business value) are promoted, understood, managed and met. In-depth knowledge of portfolio, businesses, functions and all relevant stakeholders to successfully drive decisions and recommendations regarding the IT portfolio
  • Executes design activities and establishes standards / leading practices for service design activities
  • Demonstrated knowledge and strong interest in keeping abreast of Information Technology Service Management trends, directions and emerging technologies including systems/technologies integration and design/architecture
  • Strong understanding of service process and frameworks/ standards such as CMMI, MOF and COBIT
  • Professional Qualifications are preferred, including
24

Cash & Security Auditor Resume Examples & Samples

  • Participate in projects and/or activities that ensure compliance with applicable federal, state and local laws and regulations
  • Identify gaps and provide solutions that minimize losses resulting from inadequate armored carrier processes, systems or human errors
  • Identify, respond and/or escalate risks as appropriate
  • Audit U.S. Bank, Elan managed inventories and the customer's facilities
  • Test and provide guidance to those being audited during the audit
  • Demonstrate an ability to effectively report, orally and in writing, exceptions to the armored carrier vault and armored carrier management and remediate audit findings
  • Explain/communicate monetary differences and audit findings to Cash Operations/Management, Elan West and Vendor Management/Vendor Support
  • Monitor exceptions and remediations as well as ensure all remediations are completed to U.S. Bank, Elan’s satisfaction
  • Demonstrate a clear understanding of the latest FinCEN guidance to armored carriers; money transmitter laws; Regulation E; USA PATRIOT Act; Anti-Money Laundering and Bank Secrecy Act requirements
  • Stay abreast of general business/economic developments and new pronouncements/standards, to gain an understanding of their links and impacts to the assigned risk areas
  • Understand and apply technical standards as applicable
  • Five to seven years of experience in an applicable risk management environment
  • Advanced knowledge of applicable laws, regulations, financial services, and regulatory trends that impact their assigned line of business
  • Position requires extensive travel
  • Advanced understanding of the business line’s operations, products/services, systems, and associated risks/controls
  • Advanced knowledge of Risk/Compliance/Audit competencies
  • Must possess business acumen and credibility to help business line(s) proactively identify and address changing workforce needs
25

Information Technology Security Auditor Resume Examples & Samples

  • Knowledge of the internal audit process, including knowledge of generally accepted accounting principles and The Institute of Internal Auditors' Standards for the Professional Practice of Internal Auditing
  • Knowledge of accounting systems and of IT Commonwealth of Virginia Information Security Standard SEC501 and Publication 1075
  • Knowledge of what comprises competent, evidential matter; thorough understanding of internal controls; and use of operational audit techniques
  • Knowledge of a wide variety of information technology activities, including computer system operations, systems development techniques, and information systems security
  • Ability to analyze financial and non-financial data to arrive at logical conclusions and to identify areas of audit concern
  • Ability to work independently; to communicate well verbally and in writing; and to interpret pertinent laws and regulations to specific situations
  • Ability to prepare planning activities for IT audits, ad hoc projects, as assigned; ability to demonstrate initiative in developing audit objectives and procedures for the conduct of IT audits; ability to prepare / review audit programs necessary to fulfill the audit objectives; and ability to assist with Department’s risk assessment and audit plan development process
  • Ability to conduct all aspects of the end-to-end IT audit process to include engagement planning, coordination, scope determination, risk and control identification, design of audit program procedures, testing, and evaluation and analysis of results and ability to prepare adequate documentation (work papers) supporting all audit work performed to support the preparation of a written report to Management
  • Knowledge of computer systems, including understanding of micro and server environments with a thorough understanding of retrieval software
  • Familiarity with the following systems and technological environments and software tools: Operating Systems (Unix, Linux, Microsoft Windows), Database platforms (Oracle, SQL), Application Lifecycle Management (Team Foundation Server, Agile), Internet technology and n-tier environments (IIS, ASP, Apache, JBOSS, ColdFusion, PHP, Drupal), Network routing and switching, VOIP, Customer Relationship Management (Siebel), Microsoft Enterprise environments and software applications (Active Directory, SharePoint), Business Intelligence platforms (SAP Business Objects)
  • A degree in information technology, business or computer science is preferred
  • Certification as a CISA, CISSP or CISM is desired
  • Auditing experience, preferably having served as an Information Technology Security Auditor
26

Software Security Auditor Resume Examples & Samples

  • Perform time-sensitive application security assessments against multiple programming languages utilizing a variety of methods including: manual code inspection, configuration review, and automatic static analysis tools
  • Give high-level customer consulting, including teleconferences and occasional onsite presentations; these interactions cover vulnerability report discussion and concept-level remediation advice as the organization’s software security expert
  • Able to skilfully articulate complex concepts to audiences of different organizational perspectives
  • Have a background in software development in at least one major object-oriented language,
  • Understand OWASP “Top 10” concepts for web application security, SDLC models, and possess a general familiarity with multiple platforms; mobile OS experience is a plus
  • Assess code logic with multiple, potentially less-familiar languages
  • Have a good working knowledge of various programming languages to include
  • Current Security+CE certification
  • Active Secret DoD Security Clearance or the ability to obtain one
  • Bachelor’s degree in Computer Science or related field desirable but not required
  • Minimum 2 years professional development experience
  • Experience in customer-facing roles - may include: sales, consulting, or account management
  • System administration familiarity a plus
27

Senior Security Auditor Resume Examples & Samples

  • Financial cryptography
  • Payments security and regulations
  • PCI DSS, PCI PIN, PCI PTS
  • Hardware and software security standards and evaluation
  • B.Sc. or M.Sc. degree
  • General Clerical, office administrative or document control experience preferred
  • A self-starter with a strong sense of ownership and responsibility
  • Eligible for PCI QSA accreditation
  • Well-presented and able to produce quality reports / presentation materials
28

Information Security Auditor, Professional Resume Examples & Samples

  • The coordination, assessment, development, maintenance and implementation of business continuity and disaster recovery plans that minimize the financial, operational and reputational impact to our organization and support the resumption of operations in the event of a disruption
  • Understand the business's applications and infrastructure
  • Business continuity and disaster recovery planning efforts are aligned and compliant with the planning guidelines established by the risk management stakeholders (ERR)
  • Identify and convey business continuity gaps which place our organization at risk
  • Coordinate with BCP Consultant to facilitate annual risk management program with business leaders
  • Analyze and determine potential gaps or risks in our controls and processes that could result in non-compliance and have a possible effect on business unit and customer operations
  • Develop and recommend changes to policies and procedures to ensure compliance
  • Work with BCP Consultant to determine areas of the division and business units that are affected by changing standards, laws and regulations to confirm that appropriate changes are implemented
  • Recommend appropriate actions based on analysis of customer/client compliance issues and questions
  • Assist with audit activities, including internal and 3rd party audits, and bank regulatory examinations
  • Work with BCP Consultant to coordinate the efforts of other departments to arrive at common goals related to risk assessments and business continuity planning and testing
  • Document and maintain business continuity plans and testing exercise plans and results
  • Participate in the DR testing exercises and document issues and results, normally scheduled after local business hours and outside local work week
  • Work with Incident Managers to determine severity and classification of incidents
  • Submit incidents to ERR as needed and manage the communication process throughout the lifecycle of the incident
29

Information Security Auditor Resume Examples & Samples

  • Plan and develop audit scopes for key technology across the group
  • Ensure audits are scheduled and completed in alignment with audit programme
  • Ensure audits are completed, written up and submitted with all corrective actions agreed within the mandated timescale
  • Ensure audit reports are concise, their findings understandable, and action plans documented
  • Engage with high level business owners to discuss concerns relating to the outcome of audits
  • Monitor that audit findings are followed up by the system owners for closure of any non-conformances. Follow up with secondary audits to ensure the work is being completed
  • Work alongside the security risk assessment programme to identify and document any risks that are discovered
  • Provide advice based on the corporate standards, external legislation and general best practices to safely guide the business past the pitfalls of cyber threats
  • Support The Hut Group’s PCI DSS compliance status