Job Description :

Job Title: Cyber security Auditors
Experience 5-10 Years.
Location:  New York, NY 10036

  • Conduct technology audits, in addition to focused areas of cybersecurity such as digital forensics, threat intelligence or penetration testing as well as more general IT process reviews within cybersecurity. 
  • Provide security requirements during planning sessions, functional and technical requirement sessions, user story creation and grooming, and technical design based on identified risks.
  • Determine if any compensating controls are necessary due to inability to comply with the primary control requirements
  • Participate in all aspects of audit activities including risk assessments, planning, testing, control evaluation, work paper documentation, report drafting, issue clearance with cybersecurity and access management stakeholders, and follow-up/verification of issue closure
  • Performing vulnerability and/or penetration tests on clients’ environment
  • Complete, present to Security management, and business sponsors a risk assessment evaluation articulating risk and impact analysis when security controls cannot be met by an initiative to ensure transparency and appropriate level of acceptance.
  • Designing and executing risk-based audit programs, in order to assess the design and effectiveness of key technology and/or security controls for critical systems and processes.
  • Identifying areas for improvement and control gaps, and evaluating their significance and potential business impact.
  • Presenting practical, informed and concise recommendations to senior leaders, developing action plans and preparing written audit reports to document findings.
  • Collaborating with and educating process owners of the importance of a strong system of internal controls.


  • Solid understanding of enterprise cyber security with experience of designing, operating or managing security solutions and controls within a complex global network. 
  • Considerable knowledge and understanding of common cyber security technology tools such as firewalls, IDPS, DLP, Network access control, DDOS Mitigation, Anti-Malware, Anti-Virus, encryption and authentication. 
  • A robust understanding of IT and Information Security risk mitigation control processes such as vulnerability and threat management, patch management, penetration testing / red teaming / cyber-attack simulation. 
  • Knowledge of industry standards/regulations (ISO, NIST, PCI-DSS, PSD2, GDPR, NIS). 
    Experience of managing cyber, IT or Information Security controls.
  • Hands on Experience with technology infrastructure risk and controls, including administration of Network, O/S (Windows or Linux/Unix), Cloud, Database, Mainframe, and/or Middleware security control reviews 
  • Knowledge of information security controls, infrastructure technology, technology governance and assessments, ethical hacking / cyber security tools and toolsets e.g. Qualys, Kali, Backtrack, Net hunter, Bloodhound etc.

Client : Direct End Client


Similar Jobs you may be interested in ..