Senior Cyber & IT Auditor - Risk, Security & Compliance

This role requires the ability to work lawfully in the U.S. without employment-based immigration sponsorship, now or in the future.

Are you ready to execute high-quality audits and manage risks over IT infrastructure, applications, and processes? As a Lead Cyber & IT Auditor at Spectrum, you will deliver top-tier internal audit results under the guidance of IT Audit Managers and Directors. Your key focus will include planning and performing IT risk assessments, developing test plans to evaluate designs, cybersecurity evaluations, business continuity, disaster recovery assessments, and reviewing regulations related to Spectrum’s electronic assets.

• Execute specific projects established in the annual audit plan, develop scope and objectives of IT audits while ensuring alignment with audit standards, guidelines, and best practices
• Execute projects related to the NIST Cybersecurity Framework, NIST 800 series, CIS Controls, ISO 27001/27002, OWASP, Payment Card Industry, Data Privacy, IT General Controls (ITGC), and other laws and regulations governing the corporation
• Prepare audit summaries and review audit results with senior IT management providing observations and conclusions as well as identifies and communicates gaps and evaluates management action plans and related reporting
• Keep abreast of relevant business developments and evolving IT risk areas
• Contribute ideas and opinions to the internal audit team by identifying relevant automated controls to include in an audit scope
• Design audit programs/procedures to assess their adequacy, and assisting financial/operational auditors in applying IT audit principles and concepts
• Develop and maintain effective relationships within the team and individuals throughout the organization

• Office environment
• Expected travel approximately 10-15%

• Education
  • Bachelor’s degree in Information Technology, Business, Accounting, or Finance
• Experience
  • 3+ years of experience in IT audit or public accounting
  • Experience with various technologies, including networks, platforms, and applications
  • Experience in information security assessment
• Skills
  • Ability to read, write, speak and understand English
  • Ability to define effective audit plans and cultivate channels of communication that align well with key stakeholders and effectively influence at all levels of the organization, including experienced IT auditors
  • Demonstrated understanding of business processes, financial reporting and information technology audit and control frameworks such as SOX, COBIT, ITIL, and PCI
  • Demonstrated leadership skills in the areas of leading through influence, relationship building and strategy development and execution
  • Demonstrated knowledge of risk assessment and familiarity with tools and techniques used to provide control and monitoring mechanisms
  • Demonstrated knowledge of IT audit methodologies and control frameworks of IT platforms, processes, systems and controls, including areas such as network security, logical access and change management controls at an infrastructure and application level, databases and systems maintenance
  • Knowledge of cable television products and services, various network architectures, services, systems, applications, development platforms, network/security technologies, and web application security including cross site scripting and SQL injection
  • Proficiency in information security tools to exploit vulnerabilities in networks and applications

• Education
  • CISA
  • CIA, CISSP, CISM, CEH, GPEN, OSCP, CPT and/or MBA
• Experience
  • Big 4 experience
• Skills
  • Knowledge of PCI Standards, HIPAA, and security

Spectrum is an Equal Opportunity Employer, including job seekers with disabilities and veterans.