Amphenol- Cyber Security Auditor

About The Position

Requirements

• 7+ years of experience in cybersecurity, IT audit, cyber risk, or second‑line assurance.
• Strong understanding of cybersecurity frameworks such as NIST CSF, NIST 800‑53, ISO 27001, CIS Controls, and SOC 2.
• Demonstrated experience with audit processes, control testing, risk assessments, and evidence evaluation.
• Technical knowledge across: Identity & Access Management (IAM), Network and infrastructure security, Cloud security (AWS, Azure, GCP), ERP systems, Endpoint security and EDR, Vulnerability management and secure configuration.
• Ability to translate technical issues into clear business risk narratives for non‑technical stakeholders.
• Strong communication, documentation, and presentation skills.
• Experience working in highly decentralized or federated environments.
• Ability to travel internationally as needed.

Nice To Haves

• CISSP – Certified Information Systems Security Professional
• CISA – Certified Information Systems Auditor
• CRISC – Certified in Risk and Information Systems Control
• CISM – Certified Information Security Manager
• GIAC certifications (GSEC, GSNA, GPEN, GCCC, GRID, etc.)
• ISO 27001 Lead Auditor or Lead Implementer
• CEH – Certified Ethical Hacker (for testing oversight)
• Experience supporting SOX ITGC, SOC 1/SOC 2, ISO 27001, or regulatory cybersecurity audits.
• Familiarity with SIEM, EDR, vulnerability scanners, and penetration testing tools.
• Experience in manufacturing, industrial, or OT‑heavy environments.
• Background in third‑party risk management or supplier cyber assessments.
• Ability to develop cyber maturity models, dashboards, and risk reporting.
• Experience working with managed service providers (MSPs) or decentralized IT structures.
• Exposure to cloud governance, zero trust principles, and secure architecture reviews.
• OT/ICS environments

Responsibilities

• Serve as a second‑line cybersecurity oversight and assurance function, proactively identifying control gaps before internal or external audits occur.
• Partner closely with Internal Audit to support cybersecurity‑focused audits, walkthroughs, evidence preparation, and pre‑audit readiness.
• Work directly with global operating companies to assess cybersecurity posture and control maturity, identify risks across identity & access management, infrastructure, cloud, endpoint, and operational technology (OT), and recommend pragmatic, risk‑based improvements aligned with industry frameworks.
• Perform and evaluate cybersecurity testing activities, including review of penetration testing methodologies, tooling, and remediation plans; assessment of vulnerability management processes and patching cadence; and evaluation of incident response readiness, logging, and monitoring practices.
• Monitor and report on cybersecurity risks, recurring control issues, and trends across global operations.
• Support development and refinement of cybersecurity policies, standards, and audit playbooks to drive consistency across decentralized environments.
• Influence, educate, and guide stakeholders to strengthen accountability for cybersecurity controls and risk ownership.