TransUnion's Job Applicant Privacy Notice

What We'll Bring:

Performing audits of cybersecurity and IT practices and controls throughout the organization using an established assessment process and framework.

What You'll Bring:

• Assist in developing risk based annual audit plans and actively participate in risk assessment meetings
• Assist manager in coordinating with process owners to initiate, scope, plan, and conduct periodic controls assessments to identify areas of risk by evaluating the design and operating effectiveness of IT and cybersecurity controls over on premise and cloud hosted applications, operating systems, and databases as well as the network infrastructure
• Execute audits and advisory projects by analyzing, testing and evaluating organization’s control environment by using a blend of traditional sampling and data analytics/ automation.
• Perform detailed assessments of key system implementations and cloud migrations
• Where necessary, lead engagements and communicate issues to process owners, ensuring their understanding of associated risks and the actions needed to remediate those risks
• Document detailed results of audit procedures performed that support the conclusions reached
• Prepare draft audit reports based on the adequacy and effectiveness of controls evaluated
• Analyze information security areas including governance and risk management, access and password controls, cloud and cybersecurity, physical security, system security architecture and design, business continuity, disaster recovery, network security, application & operations security, incident management, documentation, including data migrations and system implementations
• Track and monitor open audit issues for remediation by working with process owners
• Research security trends, threats, and prevention technologies
• Participate in departmental initiatives, administrative matters, and special projects

The essential duties are as follows:
• Assist in developing risk based annual audit plans and actively participate in risk assessment meetings
• Assist manager in coordinating with process owners to initiate, scope, plan, and conduct periodic controls assessments to identify areas of risk by evaluating the design and operating effectiveness of IT and cybersecurity controls over on premise and cloud hosted applications, operating systems, and databases as well as the network infrastructure
• Execute audits and advisory projects by analyzing, testing and evaluating organization’s control environment by using a blend of traditional sampling and data analytics/ automation.
• Perform detailed assessments of key system implementations and cloud migrations
• Where necessary, lead engagements and communicate issues to process owners, ensuring their understanding of associated risks and the actions needed to remediate those risks
• Document detailed results of audit procedures performed that support the conclusions reached
• Prepare draft audit reports based on the adequacy and effectiveness of controls evaluated
• Analyze information security areas including governance and risk management, access and password controls, cloud and cybersecurity, physical security, system security architecture and design, business continuity, disaster recovery, network security, application & operations security, incident management, documentation, including data migrations and system implementations
• Track and monitor open audit issues for remediation by working with process owners
• Research security trends, threats, and prevention technologies
• Participate in departmental initiatives, administrative matters, and special projects

Impact You'll Make:

4 – 5 years of experience in an IT Audit, IT Assessor, or Information Security role with minimum of 2 years in a Public Accounting Firm
Bachelor’s degree in computer science, management information systems or related field
Demonstrated in-depth knowledge of concepts, best practices and controls in a breadth of Information Security areas/domains. These include governance & risk management, access control, cybersecurity, cloud-based architecture & security, physical security, security architecture and design, business continuity/disaster recovery, network security, application & operations security and compliance/incident management
Demonstrated ability to understand complex technologies, business processes, regulations and emerging risks
Ability to run audit related reports within workflow systems, IAM and security logging tools such as BMC Remedy, Sailpoint IIQ and Splunk respectively
Strong understanding of IT & security frameworks including NIST 800.53 & CSF, CIS, ISO and COBIT
Strong technical and/or IT audit background with practical knowledge of a wide variety of technologies including server infrastructure & operating systems, network & web infrastructures, database architecture, vulnerability assessment and intrusion detection/prevention systems, both physical and on-cloud
Self-starter with the ability to manage and prioritize responsibilities
Self-driven performer with established skills in tracking self and project performance, anticipating and recognizing problems and escalating issues appropriately
Experience in using AuditBoard Ops Audit as audit management tool
Strong ability to interact and communicate both written and verbally with process owners, both technical and non-technical, in a dynamic environment where interactions are not always in person
Strong risk analysis and problem-solving skills
Must be flexible to ensure assessments are performed timely and be able to manage multiple assessments simultaneously
Should be flexible and able to pivot at short notice for matters that need urgent attention

Industry certification such as CISSP or CISA required

This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week.

TransUnion Job Title

Specialist II, Audit and Advisory

TransUnion's Job Applicant Privacy Notice

What We'll Bring:

Performing audits of cybersecurity and IT practices and controls throughout the organization using an established assessment process and framework.

What You'll Bring:

Impact You'll Make:

4 – 5 years of experience in an IT Audit, IT Assessor, or Information Security role with minimum of 2 years in a Public Accounting Firm
Bachelor’s degree in computer science, management information systems or related field
Demonstrated in-depth knowledge of concepts, best practices and controls in a breadth of Information Security areas/domains. These include governance & risk management, access control, cybersecurity, cloud-based architecture & security, physical security, security architecture and design, business continuity/disaster recovery, network security, application & operations security and compliance/incident management
Demonstrated ability to understand complex technologies, business processes, regulations and emerging risks
Ability to run audit related reports within workflow systems, IAM and security logging tools such as BMC Remedy, Sailpoint IIQ and Splunk respectively
Strong understanding of IT & security frameworks including NIST 800.53 & CSF, CIS, ISO and COBIT
Strong technical and/or IT audit background with practical knowledge of a wide variety of technologies including server infrastructure & operating systems, network & web infrastructures, database architecture, vulnerability assessment and intrusion detection/prevention systems, both physical and on-cloud
Self-starter with the ability to manage and prioritize responsibilities
Self-driven performer with established skills in tracking self and project performance, anticipating and recognizing problems and escalating issues appropriately
Experience in using AuditBoard Ops Audit as audit management tool
Strong ability to interact and communicate both written and verbally with process owners, both technical and non-technical, in a dynamic environment where interactions are not always in person
Strong risk analysis and problem-solving skills
Must be flexible to ensure assessments are performed timely and be able to manage multiple assessments simultaneously
Should be flexible and able to pivot at short notice for matters that need urgent attention

Industry certification such as CISSP or CISA required

This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week.

TransUnion Job Title

Specialist II, Audit and Advisory

IT Internal Auditor- Specialist II-1

IT Internal Auditor- Specialist II-1

IT Internal Auditor- Specialist II-1

Location

Workplace

Type

Posted

Website

Similar Jobs

Company

For job seekers

For companies

Cyber Security jobs

IT Internal Auditor- Specialist II-1

IT Internal Auditor- Specialist II-1

IT Internal Auditor- Specialist II-1

Location

Workplace

Type

Posted

Website

Similar Jobs

IT Internal Auditor- Specialist II-1