Auditor
Auditor
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
- Resume
- Writing samples for review that demonstrate the candidates ability to create an adequate IT Risk Assessment IT audit plan and Cybersecurity audit plan.
- The candidate shall provide as 5 Rerences (Name of the Reference Project: Phone Num Email: Description of Services Provided
- Auditor/Consultant with direct experience relevant to the scope of work identified.
Looking for a consultant to provide the following:
IT audit/consulting services to a Community College regarding:
1. Organization Structure
2. Internal Audit IT Risk Assessment/Audit Program
3. Highlevel review to support Internal Audit IT risk assessment with the goal of assisting in the development of the IT internal audit plan for the next 13years.
The consultant will help build a multiyear IT audit program for the Colleges Internal Audit Department based on an IT risk assessment using a format that is consistent with the format used by the Internal Audit Department.
The frequency and/or rotation of the audits in the audit plan will be tailored and customized based on
the Colleges budget constraints and risk appetite. Future IT audits are subject matter specific audits that address specific IT risks and will also be identified in the multiyear audit program. The multiyear audit plan should include only audits typical for organizations the size of the College and for common IT risks that such an organization may face. Due to general security concerns details such as number of servers types of platforms number of key applications databases data centers and locations use of outsourced IT functions Cybersecurity controls etc. will only be disclosed to the selected vendor.
1. The auditor should have professional certifications such as CISA CIA CISSP CRISC or similar.
2. Minimum 7 years of IT Audit experience: The auditor should have substantial experience in conducting both organizational structure reviews and Cybersecurity audits.
3. Experience in conducting riskbased IT audits: The auditor should use a riskbased approach in their audit methodology focusing on areas with higher risks to the organization.
4. Experience conducting riskbased Cybersecurity audits: The auditor should adopt a riskbased approach focusing on highrisk areas critical assets and potential vulnerabilities.
5. Familiarity with recognized security frameworks: The auditor should be proficient in assessing against the NIST Cybersecurity Framework and CIS Controls.
6. Ability to develop control matrices and test plans: Experience in designing and implementing IT control matrices and audit test plans for IT audits.
7. Proven track record in delivering audit reports: Ability to write clear concise and actionable audit reports suitable for presentation to senior management and audit committees.
8. Preferred: Background and prior experience particularly for community colleges .
Employment Type
Full Time
