About The Position

This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.

Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforces accountability and masters cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future, you’ll create it.

The Principal Cybersecurity Audit Management is an individual contributor role with no direct reports. This position is responsible for delivering monthly metrics and coordinating internal and external audits in partnership with AT&T’s Data and Control Owners and external auditing firms. Audits in scope include ISO 9001, ISO 27001, SOC 1, SOC 2, SOC 3, and Service Provider Payment Card Industry Data Security Standards (PCI DSS).

Requirements

  • Bachelor’s degree in Computer Science, Information Systems, or Accounting is preferred.
  • Advanced proficiency (7+ years) in audit management, project management, and time management, with strong skills in Microsoft PowerPoint, Excel, Outlook, and Word.
  • Demonstrates exceptional verbal and written communication skills, with the ability to convey complex information clearly and persuasively to diverse audiences.
  • Skilled in crafting professional documentation, delivering impactful presentations, and facilitating effective dialogue that fosters collaboration and drives informed decision-making.
  • Demonstrated ability to analyze complex data sets, identify trends, and develop actionable strategies to drive informed decisions and process improvements.

Nice To Haves

  • 5–10 years of experience in IT operations, security operations, and auditing.
  • Extensive knowledge and hands-on experience in IT security, including access controls, network security, logging and monitoring, vulnerability assessments, system hardening, and secure software development preferred.
  • Comprehensive knowledge of auditing practices with hands-on experience in ISO 27001, PCI DSS, and AICPA SOC audits.
  • Professional certifications such as CISSP, CISM, CCSK, CCSP, Project Management, CISA, and CPA.

Responsibilities

  • Facilitate training sessions for internal employees on in-scope requirements, standards, and controls.
  • Conduct meetings to gather, review, and analyze data from complex systems—including applications, operating systems, databases, and network devices—to identify risks, exposures, and compensating controls.
  • Collaborate with internal teams and external auditors to address security control gaps identified during audits.
  • Prepare weekly and monthly status reports detailing outstanding audit items and overall audit progress.
  • Lead weekly meetings to review audit status and facilitate working sessions to resolve open issues.
  • Manage multiple audits with varying deliverable dates across numerous stakeholders, ensuring timely completion and visibility of potential roadblocks.
  • Perform research and analysis on audit topics to provide insights and recommendations for addressing in-scope issues.
  • Capture lessons learned and conduct postmortems to improve processes and tools for internal teams and the PCI audit management team.
  • Develop postmortem presentations highlighting issues encountered during audits and ensure compliance with applicable requirements, standards, and controls.
  • Provide Data and Control Owners visibility into postmortem issues and ensure remediation plans are implemented; follow up periodically on progress.
  • Create and provide monthly audit and compliance metrics.

Benefits

  • Medical/Dental/Vision coverage
  • 401(k) plan
  • Tuition reimbursement program
  • Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
  • Paid Parental Leave
  • Paid Caregiver Leave
  • Additional sick leave beyond what state and local law require may be available but is unprotected
  • Adoption Reimbursement
  • Disability Benefits (short term and long term)
  • Life and Accidental Death Insurance
  • Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
  • Employee Assistance Programs (EAP)
  • Extensive employee wellness programs
  • Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.
© 2024 Teal Labs, Inc