ZoomInfo is looking for a talented and driven IT Controls and Security Audit Specialist to join our Global Information Security Team. The position will be an integral component of the InfoSec team and report directly to the Chief Security Officer to begin with.
The ideal applicant is a goal-oriented, experienced information security practitioner - with an audit and controls background - who strives to exceed expectations. The role, based in Waltham, MA, will support the security team in its various audit and risk analysis functions.
The individual will be a responsible, independent thinker with the ability to identify security risks where others may not. As security risks reside wherever sensitive information is stored and accessed, the successful applicant will have a broad base of experience interfacing with various segments of the business such as Finance, R&D, Operations, etc.
The IT Controls and Security Audit Specialist will assist in the assessment of security controls over a wide array of Corporate systems. These assessments are designed to correlate ZoomInfos internal control platform to a varying set of frameworks, GRC initiatives, and compliance requirements including, but not limited to COBIT, COSO, ISO, TSC 100, etc.
- Developing and maintaining an audit plan in accordance with numerous frameworks and standards
- Coordination of global audit initiatives among various business processes and technology, gaining buy in for timing and scope
- Evaluation of control effectiveness and recommendations for remediation and process improvement
- Documenting audit results and findings in various systems
- Tracking of remediation efforts while providing associated guidance
- Process and control documentation including narratives, flow charts, etc.
- Driving continuous process improvement initiatives
- Assisting with the development and maintenance of security policies and procedures
- Risk identification and treatment
- Promote standards-based workflow
- Engage with internal and external parties to obtain and share information to improve processes and security posture
- Work with end-users as required to investigate threats
- Keepmanagement informed with precise information about security posture and events
- Understanding of internal control concepts and experience in applying them to plan, perform, manage, and report on the evaluation of various security and business processes
- Highly motivated with the ability to self-start, prioritize, multi-task and work independently - within a global team environment
- Flexibility to change direction and manage conflicting demands and emergencies
- Outstanding organizational and data analytic skills
- Comfortable working in a fast-paced environment
- Strong verbal and written communication skills to effectively document processes, communicate findings, and interact with leadership
- Knowledge of networking, technology, corporate and cloud infrastructure and security implications and controls
- Undergraduate degree in a relevant discipline or proven auditing experience
- Recognised security certifications including CISSP, CISA, CISM
- Minimum 3 years of relevant audit and governance experience
- Experience with ISO and TSC controls
- Experience with risk and controls management
- Working knowledge of AuditBoard and Jira
- High working knowledge of spreadsheets and higher-level function
- High level knowledge of varying company processes and controls
- Threat reporting and assessment
- Proven ability to understand Company needs, maintain relationships and developpositive dialogue
Built over 20 years ago, ZoomInfo Powered by DiscoverOrg has helped companies achieve their most important objective: profitable growth. Backed by the world's most comprehensive B2B database, our platform puts sales, marketing and recruiting professionals in a position to identify, connect, and engage with qualified prospects. ZoomInfo offers unrivaled data and accuracy with contacts, companies, direct dials and professional movement. For more information on our intelligence solution, visit us at zoominfo.com
All qualified applicants will receive consideration for employment without regard to race, color, ethnicity, religion, gender, national origin, disability and protected veterans status or any other personal characteristic protected by law.
More Jobs From