Lead Internal Auditor IT - PCI

About The Position

Requirements

• Ability to work lawfully in the U.S. without employment-based immigration sponsorship, now or in the future.
• Bachelor's degree in information technology, business, accounting, and/or finance or related field or an equivalent combination of education, training and experience
• 3+ years of experience in IT audit or public accounting
• Experience with various technologies, including networks, applications, and operating systems
• Ability to read, write, speak and understand English
• Ability to communicate effectively with key stakeholders (both written and verbal) and interact positively and communicate with all levels of Management
• Demonstrated leadership skills and understanding of business processes, financial reporting and information technology audit and control frameworks such as SOX, COBIT, ITIL, and PCI DSS
• Knowledge of IT audit methodologies and control frameworks for areas that include network security, logical access and change management controls for supporting infrastructure, applications, and databases
• Proficiency and familiarity with various network architectures, services, systems, applications, development platforms, network/security technologies
• Knowledge of information security tools to identify vulnerabilities in networks and applications

Nice To Haves

• CISA, CIA, CISSP, CISM, CEH, GPEN, OSCP, CPT and/or MBA
• PCI standards, NIST, and IT security knowledge

Responsibilities

• Assist with planning and scope validation for the annual controls assessment and execute controls assessments related to PCI compliance
• Understand PCI compliance, General IT Controls (GITC) and other IT Security controls
• Execute controls assessments in conjunction with audit standards, guidelines, and best practices
• Identify areas of non-compliance and risks that impact the cardholder data environment and organization
• Evaluate documentation and conclude on effectiveness of remediation actions performed by technology and business process owners
• Prepare audit observations and review results with technology and business process owners (including management)
• Assist with the PCI Report on Compliance and other related reporting requirements
• Keep abreast of relevant business developments and evolving IT risk areas
• Contribute ideas and opinions to the Internal Audit team by identifying changes within the PCI environment that could impact the broader cybersecurity environment
• Develop and maintain effective relationships within the team and individuals throughout the organization

Benefits

• Here, our employees don't just have jobs, they're building careers. That's why we offer a comprehensive pay and benefits package that rewards employees for their contributions to our success, supporting all aspects of their well-being at every stage of life.