*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Senior Associate, Internal Audit IT & Security. This internal auditor will need 2+ years of experience conducting risk-based information technology and security audits. This is a highly regulated financial environment, and these audits will follow AICPA, IIA, IPPF, COBIT, NIST, and CSF standards/frameworks. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent. Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software
03/04/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Senior Associate, Internal Audit IT & Security. This internal auditor will need 2+ years of experience conducting risk-based information technology and security audits. This is a highly regulated financial environment, and these audits will follow AICPA, IIA, IPPF, COBIT, NIST, and CSF standards/frameworks. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent. Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Principal Cloud Engineer with strong AWS and Kubernetes experience. Candidate will perform a range of activities required to both maintain and continuously automate a large, complex cloud-based computing environment. Candidate will provide technical guidance to the team and when called upon, serve as a technical liaison between internal departments. This will involve utilizing best practices for the management, architecture, configuration, high availability, disaster recovery, administration, and automation of the enterprise environment with cloud technologies. The ideal candidate is passionate about new technologies to accomplish complex project initiatives and implement mission critical systems, while keeping current with trends in the Cloud and Infrastructure spaces for areas to improve, with a steady eye towards the extensive regulatory/compliance demands on our company (eg CIS, NIST, etc). Responsibilities: Reports to the Executive Director of Platform Automation and Cloud Engineering Design, configure, implement and manage a fully automated workflow for provisioning and maintaining a complex, highly available cloud environment using infrastructure as code Develop and maintain a library of deployable, tested, and documented automation design scripts, processes, and procedures for deploying services to the cloud Manage DevOps development activities and complex development tasks that will involve working with tools such as Docker, Kafka and container management systems Lead and participate in cloud computing environment build-outs, software installation, maintenance and support, including but not limited to, patches, fixes, end-of-life preparation, and upgrades Ensure the reliability of the services your area of responsibility provide and manage to both specific and implied SLAs to help the organization achieve both internal and external quality standard excellence for the cloud platform Assess and plan for capacity needs within the cloud platform and forecast accordingly Implement and manage initiatives within your assigned area of responsibility with accountability for results and compliance with all controls and security requirements Lead in the development of technology roadmaps and end-of-life technology plans Effectively communicate project and operational service issues to senior management promptly with observations, decisions, and recommendations for corrective measures Manage and participate in the implementation of production changes during defined maintenance windows and support on call rotation Maintain appropriate work/personal balance within your team Serve as a point of escalation within the team for support issues Implement and manage rotational support schedules for afterhours and weekend work for area of responsibility Foster an atmosphere of trust, respect, and high performance while displaying strong ethics and integrity Manage project and daily work task planning and prioritization and meeting project deadlines while also maintaining a high quality of work Institutes corrective actions to address audit and other regulatory or compliance findings Operate within budget; Establish and assure adherence to schedules, work plans, and performance requirements Write and maintain documentation of relevant systems, procedures and processes Other duties as assigned Qualifications: [Required] Good consultative, communication, team player and analytical skills are a must, as you will be regularly interacting between various teams distributed across the US [Required] Working knowledge of infrastructure design and components, such as: Servers, operating systems, networks, and storage [Required] Experience with architecting, implementing and maintaining highly available mission critical environments for 24/7 availability [Required] Experience working in an environment with a defined production change control process [Required] Demonstrates history of working within deadlines and ability to work well under pressure [Required] Strong hands-on experience Scripting/development skills in Python, Ruby, Go, Java, JavaScript, etc. in a corporate environment [Required] Hands-on experience with: Terraform, Kubernetes, Jenkins, Kafka, Github, OpenShift, and configuration management tools such as Puppet, Chef, or Ansible [Required] Relevant experience with configuration and implementation of IaaS, Infrastructure as code, AWS, Azure, etc. [Required] Bachelors degree, preferably in a technical discipline (Computer Science, Mathematics, etc.), or equivalent combination of education and experience required [Required] 10+ years experience in IT systems installation, operations, administration, and maintenance of cloud systems/virtualized Servers [Preferred] Experience working in a financial services or highly regulated environment preferred Certificates or Licenses: [Required] AWS Solutions Architect Associate Certification or higher strongly desired [Preferred] Relevant industry certifications such as Microsoft Azure or Google Cloud
03/04/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Principal Cloud Engineer with strong AWS and Kubernetes experience. Candidate will perform a range of activities required to both maintain and continuously automate a large, complex cloud-based computing environment. Candidate will provide technical guidance to the team and when called upon, serve as a technical liaison between internal departments. This will involve utilizing best practices for the management, architecture, configuration, high availability, disaster recovery, administration, and automation of the enterprise environment with cloud technologies. The ideal candidate is passionate about new technologies to accomplish complex project initiatives and implement mission critical systems, while keeping current with trends in the Cloud and Infrastructure spaces for areas to improve, with a steady eye towards the extensive regulatory/compliance demands on our company (eg CIS, NIST, etc). Responsibilities: Reports to the Executive Director of Platform Automation and Cloud Engineering Design, configure, implement and manage a fully automated workflow for provisioning and maintaining a complex, highly available cloud environment using infrastructure as code Develop and maintain a library of deployable, tested, and documented automation design scripts, processes, and procedures for deploying services to the cloud Manage DevOps development activities and complex development tasks that will involve working with tools such as Docker, Kafka and container management systems Lead and participate in cloud computing environment build-outs, software installation, maintenance and support, including but not limited to, patches, fixes, end-of-life preparation, and upgrades Ensure the reliability of the services your area of responsibility provide and manage to both specific and implied SLAs to help the organization achieve both internal and external quality standard excellence for the cloud platform Assess and plan for capacity needs within the cloud platform and forecast accordingly Implement and manage initiatives within your assigned area of responsibility with accountability for results and compliance with all controls and security requirements Lead in the development of technology roadmaps and end-of-life technology plans Effectively communicate project and operational service issues to senior management promptly with observations, decisions, and recommendations for corrective measures Manage and participate in the implementation of production changes during defined maintenance windows and support on call rotation Maintain appropriate work/personal balance within your team Serve as a point of escalation within the team for support issues Implement and manage rotational support schedules for afterhours and weekend work for area of responsibility Foster an atmosphere of trust, respect, and high performance while displaying strong ethics and integrity Manage project and daily work task planning and prioritization and meeting project deadlines while also maintaining a high quality of work Institutes corrective actions to address audit and other regulatory or compliance findings Operate within budget; Establish and assure adherence to schedules, work plans, and performance requirements Write and maintain documentation of relevant systems, procedures and processes Other duties as assigned Qualifications: [Required] Good consultative, communication, team player and analytical skills are a must, as you will be regularly interacting between various teams distributed across the US [Required] Working knowledge of infrastructure design and components, such as: Servers, operating systems, networks, and storage [Required] Experience with architecting, implementing and maintaining highly available mission critical environments for 24/7 availability [Required] Experience working in an environment with a defined production change control process [Required] Demonstrates history of working within deadlines and ability to work well under pressure [Required] Strong hands-on experience Scripting/development skills in Python, Ruby, Go, Java, JavaScript, etc. in a corporate environment [Required] Hands-on experience with: Terraform, Kubernetes, Jenkins, Kafka, Github, OpenShift, and configuration management tools such as Puppet, Chef, or Ansible [Required] Relevant experience with configuration and implementation of IaaS, Infrastructure as code, AWS, Azure, etc. [Required] Bachelors degree, preferably in a technical discipline (Computer Science, Mathematics, etc.), or equivalent combination of education and experience required [Required] 10+ years experience in IT systems installation, operations, administration, and maintenance of cloud systems/virtualized Servers [Preferred] Experience working in a financial services or highly regulated environment preferred Certificates or Licenses: [Required] AWS Solutions Architect Associate Certification or higher strongly desired [Preferred] Relevant industry certifications such as Microsoft Azure or Google Cloud
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Principal Cloud Engineer with strong AWS and Kubernetes experience. Candidate will perform a range of activities required to both maintain and continuously automate a large, complex cloud-based computing environment. Candidate will provide technical guidance to the team and when called upon, serve as a technical liaison between internal departments. This will involve utilizing best practices for the management, architecture, configuration, high availability, disaster recovery, administration, and automation of the enterprise environment with cloud technologies. The ideal candidate is passionate about new technologies to accomplish complex project initiatives and implement mission critical systems, while keeping current with trends in the Cloud and Infrastructure spaces for areas to improve, with a steady eye towards the extensive regulatory/compliance demands on our company (eg CIS, NIST, etc). Responsibilities: Reports to the Executive Director of Platform Automation and Cloud Engineering Design, configure, implement and manage a fully automated workflow for provisioning and maintaining a complex, highly available cloud environment using infrastructure as code Develop and maintain a library of deployable, tested, and documented automation design scripts, processes, and procedures for deploying services to the cloud Manage DevOps development activities and complex development tasks that will involve working with tools such as Docker, Kafka and container management systems Lead and participate in cloud computing environment build-outs, software installation, maintenance and support, including but not limited to, patches, fixes, end-of-life preparation, and upgrades Ensure the reliability of the services your area of responsibility provide and manage to both specific and implied SLAs to help the organization achieve both internal and external quality standard excellence for the cloud platform Assess and plan for capacity needs within the cloud platform and forecast accordingly Implement and manage initiatives within your assigned area of responsibility with accountability for results and compliance with all controls and security requirements Lead in the development of technology roadmaps and end-of-life technology plans Effectively communicate project and operational service issues to senior management promptly with observations, decisions, and recommendations for corrective measures Manage and participate in the implementation of production changes during defined maintenance windows and support on call rotation Maintain appropriate work/personal balance within your team Serve as a point of escalation within the team for support issues Implement and manage rotational support schedules for afterhours and weekend work for area of responsibility Foster an atmosphere of trust, respect, and high performance while displaying strong ethics and integrity Manage project and daily work task planning and prioritization and meeting project deadlines while also maintaining a high quality of work Institutes corrective actions to address audit and other regulatory or compliance findings Operate within budget; Establish and assure adherence to schedules, work plans, and performance requirements Write and maintain documentation of relevant systems, procedures and processes Other duties as assigned Qualifications: [Required] Good consultative, communication, team player and analytical skills are a must, as you will be regularly interacting between various teams distributed across the US [Required] Working knowledge of infrastructure design and components, such as: Servers, operating systems, networks, and storage [Required] Experience with architecting, implementing and maintaining highly available mission critical environments for 24/7 availability [Required] Experience working in an environment with a defined production change control process [Required] Demonstrates history of working within deadlines and ability to work well under pressure [Required] Strong hands-on experience Scripting/development skills in Python, Ruby, Go, Java, JavaScript, etc. in a corporate environment [Required] Hands-on experience with: Terraform, Kubernetes, Jenkins, Kafka, Github, OpenShift, and configuration management tools such as Puppet, Chef, or Ansible [Required] Relevant experience with configuration and implementation of IaaS, Infrastructure as code, AWS, Azure, etc. [Required] Bachelor s degree, preferably in a technical discipline (Computer Science, Mathematics, etc.), or equivalent combination of education and experience required [Required] 10+ years experience in IT systems installation, operations, administration, and maintenance of cloud systems/virtualized Servers [Preferred] Experience working in a financial services or highly regulated environment preferred Certificates or Licenses: [Required] AWS Solutions Architect Associate Certification or higher strongly desired [Preferred] Relevant industry certifications such as Microsoft Azure or Google Cloud
03/04/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Principal Cloud Engineer with strong AWS and Kubernetes experience. Candidate will perform a range of activities required to both maintain and continuously automate a large, complex cloud-based computing environment. Candidate will provide technical guidance to the team and when called upon, serve as a technical liaison between internal departments. This will involve utilizing best practices for the management, architecture, configuration, high availability, disaster recovery, administration, and automation of the enterprise environment with cloud technologies. The ideal candidate is passionate about new technologies to accomplish complex project initiatives and implement mission critical systems, while keeping current with trends in the Cloud and Infrastructure spaces for areas to improve, with a steady eye towards the extensive regulatory/compliance demands on our company (eg CIS, NIST, etc). Responsibilities: Reports to the Executive Director of Platform Automation and Cloud Engineering Design, configure, implement and manage a fully automated workflow for provisioning and maintaining a complex, highly available cloud environment using infrastructure as code Develop and maintain a library of deployable, tested, and documented automation design scripts, processes, and procedures for deploying services to the cloud Manage DevOps development activities and complex development tasks that will involve working with tools such as Docker, Kafka and container management systems Lead and participate in cloud computing environment build-outs, software installation, maintenance and support, including but not limited to, patches, fixes, end-of-life preparation, and upgrades Ensure the reliability of the services your area of responsibility provide and manage to both specific and implied SLAs to help the organization achieve both internal and external quality standard excellence for the cloud platform Assess and plan for capacity needs within the cloud platform and forecast accordingly Implement and manage initiatives within your assigned area of responsibility with accountability for results and compliance with all controls and security requirements Lead in the development of technology roadmaps and end-of-life technology plans Effectively communicate project and operational service issues to senior management promptly with observations, decisions, and recommendations for corrective measures Manage and participate in the implementation of production changes during defined maintenance windows and support on call rotation Maintain appropriate work/personal balance within your team Serve as a point of escalation within the team for support issues Implement and manage rotational support schedules for afterhours and weekend work for area of responsibility Foster an atmosphere of trust, respect, and high performance while displaying strong ethics and integrity Manage project and daily work task planning and prioritization and meeting project deadlines while also maintaining a high quality of work Institutes corrective actions to address audit and other regulatory or compliance findings Operate within budget; Establish and assure adherence to schedules, work plans, and performance requirements Write and maintain documentation of relevant systems, procedures and processes Other duties as assigned Qualifications: [Required] Good consultative, communication, team player and analytical skills are a must, as you will be regularly interacting between various teams distributed across the US [Required] Working knowledge of infrastructure design and components, such as: Servers, operating systems, networks, and storage [Required] Experience with architecting, implementing and maintaining highly available mission critical environments for 24/7 availability [Required] Experience working in an environment with a defined production change control process [Required] Demonstrates history of working within deadlines and ability to work well under pressure [Required] Strong hands-on experience Scripting/development skills in Python, Ruby, Go, Java, JavaScript, etc. in a corporate environment [Required] Hands-on experience with: Terraform, Kubernetes, Jenkins, Kafka, Github, OpenShift, and configuration management tools such as Puppet, Chef, or Ansible [Required] Relevant experience with configuration and implementation of IaaS, Infrastructure as code, AWS, Azure, etc. [Required] Bachelor s degree, preferably in a technical discipline (Computer Science, Mathematics, etc.), or equivalent combination of education and experience required [Required] 10+ years experience in IT systems installation, operations, administration, and maintenance of cloud systems/virtualized Servers [Preferred] Experience working in a financial services or highly regulated environment preferred Certificates or Licenses: [Required] AWS Solutions Architect Associate Certification or higher strongly desired [Preferred] Relevant industry certifications such as Microsoft Azure or Google Cloud
NO SPONSORSHIP Internal Audit Information Technology & Security SALARY: $80k - $108k - $110 plus 10% bonus LOCATION: Chicago, IL 3 days onsite and 2 days remote Looking for a candidate with a BS Degree, 2 years audit related experience in conducting risk-based information, technology and security audits. Project cyber security review and internal audit standards AICPA, IIA IPPF COBIT NIST CSF This role will support independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for determining the sufficiency of management's controls and activities related to the management of regulatory, operational, and strategic risks and presenting recommendations for improvements to the engagement team. Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations Qualifications: Experience working in a complex, fast paced environment. [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Technical Skills: Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education and/or Experience: Bachelors degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits.
02/04/2025
Full time
NO SPONSORSHIP Internal Audit Information Technology & Security SALARY: $80k - $108k - $110 plus 10% bonus LOCATION: Chicago, IL 3 days onsite and 2 days remote Looking for a candidate with a BS Degree, 2 years audit related experience in conducting risk-based information, technology and security audits. Project cyber security review and internal audit standards AICPA, IIA IPPF COBIT NIST CSF This role will support independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for determining the sufficiency of management's controls and activities related to the management of regulatory, operational, and strategic risks and presenting recommendations for improvements to the engagement team. Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations Qualifications: Experience working in a complex, fast paced environment. [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Technical Skills: Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education and/or Experience: Bachelors degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits.
NO SPONSORSHIP Senior Associate, Internal Audit Information Technology & Security SALARY: $80k - $105k - $110k plus 10% bonus LOCATION: Dallas, TX 3 days onsite The preference is somebody out of a public accounting firm or a big four firm You will be doing IT audit across the enterprise, meaning applications infrastructure and security Financial services is highly preferred because this is highly regulated. You will be doing compliance assessments also Looking for a candidate with a BS Degree, minimum 2 years, audit related in conducting risk-based information technology and security audits. Cyber security reviews and internal audit. Experience [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Technical Skills: [Required] Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education and/or Experience: Bachelors degree 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [Preferred] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
02/04/2025
Full time
NO SPONSORSHIP Senior Associate, Internal Audit Information Technology & Security SALARY: $80k - $105k - $110k plus 10% bonus LOCATION: Dallas, TX 3 days onsite The preference is somebody out of a public accounting firm or a big four firm You will be doing IT audit across the enterprise, meaning applications infrastructure and security Financial services is highly preferred because this is highly regulated. You will be doing compliance assessments also Looking for a candidate with a BS Degree, minimum 2 years, audit related in conducting risk-based information technology and security audits. Cyber security reviews and internal audit. Experience [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Technical Skills: [Required] Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education and/or Experience: Bachelors degree 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [Preferred] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Principal, Cloud Engineering. This role is focused on Kubernetes containerization and incorporating applications into the containers. This principal will need experience with tools such as Kafka, Terraform, Rancher, Ansible, Java, Python, puppet, chef, etc. Responsibilities: Reports to the Executive Director of Platform Automation and Cloud Engineering Design, configure, implement and manage a fully automated workflow for provisioning and maintaining a complex, highly available cloud environment using infrastructure as code Develop and maintain a library of deployable, tested, and documented automation design scripts, processes, and procedures for deploying services to the cloud Manage DevOps development activities and complex development tasks that will involve working with tools such as Docker, Kafka and container management systems Lead and participate in cloud computing environment build-outs, software installation, maintenance and support, including but not limited to, patches, fixes, end-of-life preparation, and upgrades Ensure the reliability of the services your area of responsibility provide and manage to both specific and implied SLAs to help the organization achieve both internal and external quality standard excellence for the cloud platform Assess and plan for capacity needs within the cloud platform and forecast accordingly Implement and manage initiatives within your assigned area of responsibility with accountability for results and compliance with all controls and security requirements Manage and participate in the implementation of production changes during defined maintenance windows and support on call rotation Institutes corrective actions to address audit and other regulatory or compliance findings Write and maintain documentation of relevant systems, procedures and processes Qualifications: Bachelor's degree, preferably in a technical discipline (Computer Science, Mathematics, etc.), or equivalent combination of education and experience required 10+ years experience in IT systems installation, operations, administration, and maintenance of cloud systems/virtualized Servers Strong hands-on experience Scripting/development skills in Python, Ruby, Go, Java, JavaScript, etc. in a corporate environment Hands-on experience with: Terraform, Kubernetes, Jenkins, Kafka, Github, OpenShift, and configuration management tools such as Puppet, Chef, or Ansible Relevant experience with configuration and implementation of IaaS, Infrastructure as code, AWS, Azure, etc. AWS Solutions Architect Associate Certification or higher
02/04/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Principal, Cloud Engineering. This role is focused on Kubernetes containerization and incorporating applications into the containers. This principal will need experience with tools such as Kafka, Terraform, Rancher, Ansible, Java, Python, puppet, chef, etc. Responsibilities: Reports to the Executive Director of Platform Automation and Cloud Engineering Design, configure, implement and manage a fully automated workflow for provisioning and maintaining a complex, highly available cloud environment using infrastructure as code Develop and maintain a library of deployable, tested, and documented automation design scripts, processes, and procedures for deploying services to the cloud Manage DevOps development activities and complex development tasks that will involve working with tools such as Docker, Kafka and container management systems Lead and participate in cloud computing environment build-outs, software installation, maintenance and support, including but not limited to, patches, fixes, end-of-life preparation, and upgrades Ensure the reliability of the services your area of responsibility provide and manage to both specific and implied SLAs to help the organization achieve both internal and external quality standard excellence for the cloud platform Assess and plan for capacity needs within the cloud platform and forecast accordingly Implement and manage initiatives within your assigned area of responsibility with accountability for results and compliance with all controls and security requirements Manage and participate in the implementation of production changes during defined maintenance windows and support on call rotation Institutes corrective actions to address audit and other regulatory or compliance findings Write and maintain documentation of relevant systems, procedures and processes Qualifications: Bachelor's degree, preferably in a technical discipline (Computer Science, Mathematics, etc.), or equivalent combination of education and experience required 10+ years experience in IT systems installation, operations, administration, and maintenance of cloud systems/virtualized Servers Strong hands-on experience Scripting/development skills in Python, Ruby, Go, Java, JavaScript, etc. in a corporate environment Hands-on experience with: Terraform, Kubernetes, Jenkins, Kafka, Github, OpenShift, and configuration management tools such as Puppet, Chef, or Ansible Relevant experience with configuration and implementation of IaaS, Infrastructure as code, AWS, Azure, etc. AWS Solutions Architect Associate Certification or higher
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Principal, Cloud Engineering. This role is focused on Kubernetes containerization and incorporating applications into the containers. This principal will need experience with tools such as Kafka, Terraform, Rancher, Ansible, Java, Python, puppet, chef, etc. Responsibilities: Reports to the Executive Director of Platform Automation and Cloud Engineering Design, configure, implement and manage a fully automated workflow for provisioning and maintaining a complex, highly available cloud environment using infrastructure as code Develop and maintain a library of deployable, tested, and documented automation design scripts, processes, and procedures for deploying services to the cloud Manage DevOps development activities and complex development tasks that will involve working with tools such as Docker, Kafka and container management systems Lead and participate in cloud computing environment build-outs, software installation, maintenance and support, including but not limited to, patches, fixes, end-of-life preparation, and upgrades Ensure the reliability of the services your area of responsibility provide and manage to both specific and implied SLAs to help the organization achieve both internal and external quality standard excellence for the cloud platform Assess and plan for capacity needs within the cloud platform and forecast accordingly Implement and manage initiatives within your assigned area of responsibility with accountability for results and compliance with all controls and security requirements Manage and participate in the implementation of production changes during defined maintenance windows and support on call rotation Institutes corrective actions to address audit and other regulatory or compliance findings Write and maintain documentation of relevant systems, procedures and processes Qualifications: Bachelor's degree, preferably in a technical discipline (Computer Science, Mathematics, etc.), or equivalent combination of education and experience required 10+ years experience in IT systems installation, operations, administration, and maintenance of cloud systems/virtualized Servers Strong hands-on experience Scripting/development skills in Python, Ruby, Go, Java, JavaScript, etc. in a corporate environment Hands-on experience with: Terraform, Kubernetes, Jenkins, Kafka, Github, OpenShift, and configuration management tools such as Puppet, Chef, or Ansible Relevant experience with configuration and implementation of IaaS, Infrastructure as code, AWS, Azure, etc. AWS Solutions Architect Associate Certification or higher
02/04/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Principal, Cloud Engineering. This role is focused on Kubernetes containerization and incorporating applications into the containers. This principal will need experience with tools such as Kafka, Terraform, Rancher, Ansible, Java, Python, puppet, chef, etc. Responsibilities: Reports to the Executive Director of Platform Automation and Cloud Engineering Design, configure, implement and manage a fully automated workflow for provisioning and maintaining a complex, highly available cloud environment using infrastructure as code Develop and maintain a library of deployable, tested, and documented automation design scripts, processes, and procedures for deploying services to the cloud Manage DevOps development activities and complex development tasks that will involve working with tools such as Docker, Kafka and container management systems Lead and participate in cloud computing environment build-outs, software installation, maintenance and support, including but not limited to, patches, fixes, end-of-life preparation, and upgrades Ensure the reliability of the services your area of responsibility provide and manage to both specific and implied SLAs to help the organization achieve both internal and external quality standard excellence for the cloud platform Assess and plan for capacity needs within the cloud platform and forecast accordingly Implement and manage initiatives within your assigned area of responsibility with accountability for results and compliance with all controls and security requirements Manage and participate in the implementation of production changes during defined maintenance windows and support on call rotation Institutes corrective actions to address audit and other regulatory or compliance findings Write and maintain documentation of relevant systems, procedures and processes Qualifications: Bachelor's degree, preferably in a technical discipline (Computer Science, Mathematics, etc.), or equivalent combination of education and experience required 10+ years experience in IT systems installation, operations, administration, and maintenance of cloud systems/virtualized Servers Strong hands-on experience Scripting/development skills in Python, Ruby, Go, Java, JavaScript, etc. in a corporate environment Hands-on experience with: Terraform, Kubernetes, Jenkins, Kafka, Github, OpenShift, and configuration management tools such as Puppet, Chef, or Ansible Relevant experience with configuration and implementation of IaaS, Infrastructure as code, AWS, Azure, etc. AWS Solutions Architect Associate Certification or higher
Security Operations Manager Location: North Yorkshire Job Type: Full-time This role will be part of a brand-new team dedicated to ensuring that our systems and data are protected from cyber threats and data breaches. You will be responsible for the ongoing management and continual improvement of our Managed Service Provider (MSP) SOC. What you'll be doing: Work with the MSP to implement and integrate security monitoring capabilities and toolsets across critical systems and environments, including new technology services. Maintain runbooks, escalation procedures, and consume available threat intelligence in collaboration with the MSP. Utilise detective controls to develop rules and alerts to drive security monitoring. Identify false positives from alerting and perform incident response, triage, incident analysis, and remediation tasks. Serve as the point of contact for the MSP, ensuring effective communication and reporting of all activities to relevant stakeholders. Liaise with internal IT teams and third parties to ensure comprehensive security coverage. Review MSP security capabilities to ensure appropriate monitoring and security controls across applications, infrastructure, and environments. Continuously identify potential threats or control weaknesses, proactively recommending mitigations. Collaborate across technical and business teams to identify and mitigate threats, and respond to security incidents. Manage Incident Response processes, conduct tabletop exercises, and oversee continual improvement plans. What we need from you: At least 3+ years of experience in a security operations environment, leading a SOC or working closely with an MSP SOC. Experience embedding and supporting critical operational cybersecurity processes and toolsets, including: Security Incident and Event Management Vulnerability and Threat Management Incident Management and Response Data Loss Prevention Ability to prioritize in a fast-moving, high-pressure, constantly changing environment with a strong sense of urgency. Ability to plan, prioritise, and produce effective reporting. Information Technology background, including knowledge of networking, application security, and general IT delivery best practices (eg, ITIL). Demonstrable working knowledge of security domains, auditing standards, and frameworks including ISO 27001, Cyber Essentials, etc. Experience working with cybersecurity partners and vendors to maximise return on investment. Expertise in industry best practices and prevailing technologies, including Azure, O365, Windows OS Security. An industry-recognised professional security certification (CISSP, CEH, GCIA, CISM, etc.). If you're interested in joining an exciting new team, please apply now!
02/04/2025
Full time
Security Operations Manager Location: North Yorkshire Job Type: Full-time This role will be part of a brand-new team dedicated to ensuring that our systems and data are protected from cyber threats and data breaches. You will be responsible for the ongoing management and continual improvement of our Managed Service Provider (MSP) SOC. What you'll be doing: Work with the MSP to implement and integrate security monitoring capabilities and toolsets across critical systems and environments, including new technology services. Maintain runbooks, escalation procedures, and consume available threat intelligence in collaboration with the MSP. Utilise detective controls to develop rules and alerts to drive security monitoring. Identify false positives from alerting and perform incident response, triage, incident analysis, and remediation tasks. Serve as the point of contact for the MSP, ensuring effective communication and reporting of all activities to relevant stakeholders. Liaise with internal IT teams and third parties to ensure comprehensive security coverage. Review MSP security capabilities to ensure appropriate monitoring and security controls across applications, infrastructure, and environments. Continuously identify potential threats or control weaknesses, proactively recommending mitigations. Collaborate across technical and business teams to identify and mitigate threats, and respond to security incidents. Manage Incident Response processes, conduct tabletop exercises, and oversee continual improvement plans. What we need from you: At least 3+ years of experience in a security operations environment, leading a SOC or working closely with an MSP SOC. Experience embedding and supporting critical operational cybersecurity processes and toolsets, including: Security Incident and Event Management Vulnerability and Threat Management Incident Management and Response Data Loss Prevention Ability to prioritize in a fast-moving, high-pressure, constantly changing environment with a strong sense of urgency. Ability to plan, prioritise, and produce effective reporting. Information Technology background, including knowledge of networking, application security, and general IT delivery best practices (eg, ITIL). Demonstrable working knowledge of security domains, auditing standards, and frameworks including ISO 27001, Cyber Essentials, etc. Experience working with cybersecurity partners and vendors to maximise return on investment. Expertise in industry best practices and prevailing technologies, including Azure, O365, Windows OS Security. An industry-recognised professional security certification (CISSP, CEH, GCIA, CISM, etc.). If you're interested in joining an exciting new team, please apply now!
Experienced PCI DSS Consultant required to assist an online retailer through the recertification process of the Payment Card Industry Data Security Standard (PCI DSS). The consultant will be responsible for evaluating current environment, identifying gaps, implementing necessary controls, and ensuring compliance with PCI DSS requirements. The ideal candidate should have a deep understanding of the PCI DSS standards and proven expertise in assisting organizations through PCI DSS certification and recertification processes. Key Responsibilities: Assess the organization's current PCI DSS compliance status and determine the steps needed to achieve recertification. Work closely with the internal team to identify gaps in policies, procedures, and security controls. Provide recommendations for remediating any identified compliance issues or risks. Assist in the implementation of necessary security controls, processes, and tools to achieve PCI DSS compliance. Coordinate and support internal and external audits related to PCI DSS requirements. Prepare and review documentation for the recertification process, including Self-Assessment Questionnaires (SAQ), Attestation of Compliance (AOC), and other necessary reports. Conduct PCI DSS training and awareness programs for staff, ensuring all employees understand the security and compliance requirements. Collaborate with QSA (Qualified Security Assessor) and other external auditors to ensure smooth recertification. Stay up-to-date with changes in PCI DSS requirements, industry best practices, and security standards. Key Qualifications: PCI DSS QSA Certification: Qualified Security Assessor (QSA) certification and have extensive experience in providing PCI DSS consulting services. PCI DSS Implementer Certification: Strong understanding of PCI DSS requirements with experience as a PCI DSS Implementer. Either qualification is highly preferable
01/04/2025
Contractor
Experienced PCI DSS Consultant required to assist an online retailer through the recertification process of the Payment Card Industry Data Security Standard (PCI DSS). The consultant will be responsible for evaluating current environment, identifying gaps, implementing necessary controls, and ensuring compliance with PCI DSS requirements. The ideal candidate should have a deep understanding of the PCI DSS standards and proven expertise in assisting organizations through PCI DSS certification and recertification processes. Key Responsibilities: Assess the organization's current PCI DSS compliance status and determine the steps needed to achieve recertification. Work closely with the internal team to identify gaps in policies, procedures, and security controls. Provide recommendations for remediating any identified compliance issues or risks. Assist in the implementation of necessary security controls, processes, and tools to achieve PCI DSS compliance. Coordinate and support internal and external audits related to PCI DSS requirements. Prepare and review documentation for the recertification process, including Self-Assessment Questionnaires (SAQ), Attestation of Compliance (AOC), and other necessary reports. Conduct PCI DSS training and awareness programs for staff, ensuring all employees understand the security and compliance requirements. Collaborate with QSA (Qualified Security Assessor) and other external auditors to ensure smooth recertification. Stay up-to-date with changes in PCI DSS requirements, industry best practices, and security standards. Key Qualifications: PCI DSS QSA Certification: Qualified Security Assessor (QSA) certification and have extensive experience in providing PCI DSS consulting services. PCI DSS Implementer Certification: Strong understanding of PCI DSS requirements with experience as a PCI DSS Implementer. Either qualification is highly preferable
IT Auditor Our client is urgently looking for an experienced IT Auditor to join their team on a permanent basis. Please note, this is a hybrid role with 2 days per week in the office. You will be rewarded with a good salary as well as a brilliant benefits package including annual leave, pension contribution, car scheme, on-site parking, gym and restaurant, private medical cover, income protection, hybrid working and many, many more perks! IT Auditor - Key Skills: Strong experience in Audit - internal or external Experience in IT Systems Good knowledge in both regulatory and legal requirements Good knowledge around IT Security standards - such as NIST and ISO27001 Familiarity with frameworks - such as COBIT and ITIL IT Audit methodology and implementation expertise Professional audit qualifications - such as CIA, CISA or CISM is very nice to have (or similar) IT Auditor Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
31/03/2025
Full time
IT Auditor Our client is urgently looking for an experienced IT Auditor to join their team on a permanent basis. Please note, this is a hybrid role with 2 days per week in the office. You will be rewarded with a good salary as well as a brilliant benefits package including annual leave, pension contribution, car scheme, on-site parking, gym and restaurant, private medical cover, income protection, hybrid working and many, many more perks! IT Auditor - Key Skills: Strong experience in Audit - internal or external Experience in IT Systems Good knowledge in both regulatory and legal requirements Good knowledge around IT Security standards - such as NIST and ISO27001 Familiarity with frameworks - such as COBIT and ITIL IT Audit methodology and implementation expertise Professional audit qualifications - such as CIA, CISA or CISM is very nice to have (or similar) IT Auditor Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Technology Internal Auditor. Candidate will support independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for determining the sufficiency of management's controls and activities related to the management of regulatory, operational, and strategic risks and presenting recommendations for improvements to the engagement team. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. [Preferred] Experience working in a complex, fast paced environment. [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Required] Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education: [Required] Bachelors degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. [Preferred] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
28/03/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Technology Internal Auditor. Candidate will support independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for determining the sufficiency of management's controls and activities related to the management of regulatory, operational, and strategic risks and presenting recommendations for improvements to the engagement team. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. [Preferred] Experience working in a complex, fast paced environment. [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Required] Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education: [Required] Bachelors degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. [Preferred] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Senior Associate, Internal Audit IT & Security. This internal auditor will need 2+ years of experience conducting risk-based information technology and security audits. This is a highly regulated financial environment, and these audits will follow AICPA, IIA, IPPF, COBIT, NIST, and CSF standards/frameworks. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent. Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software
28/03/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Senior Associate, Internal Audit IT & Security. This internal auditor will need 2+ years of experience conducting risk-based information technology and security audits. This is a highly regulated financial environment, and these audits will follow AICPA, IIA, IPPF, COBIT, NIST, and CSF standards/frameworks. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent. Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software
We are currently looking on behalf of one of our important clients for an IT Quality Assurance & CSV Manager (German Speaking). The role is a permanent position based in Solothurn Canton & comes with some home office allowance. Your Role: Carry out personnel, technical & people life cycle management of a IT QA & CSV team. Act as a key contact person & all-rounder in the field of IT Quality Assurance & Computer Systems Validation. Advise & support system owners, project managers or suppliers in the validation of computer systems according to internal & external GxP/GAMP specifications (eg in the field of production systems SW, SW development, MES or database systems). Independently prepare the necessary documentation & execution of tests. Support the continuous development of IT processes (eg further development of internal CSV processes or certification of IT service areas according to ISO 27001: Information Security). Act as a key contact person as a CSV expert for customers & audits. Review & approval CSV & system documentation. Your Skills: At least 5 years of relevant professional experience including experience in IT Quality Assurance, Computer Systems Validation & Computer Software Assurance. A sound knowledge of IT Security, GDPR & IT Systems & Infrastructure. Experienced with Q-Systems (eg EU: Annex 11/FDA: 21CFR Part 11). Ideally experienced in the Medical Technology Sector. A knowledge of important IT Standards & Methods (eg ISO27001, ISO 80002-2, ITIL) or ISO 13485:2016 QMS for Medical Devices. Your Profile: Completed relevant Scientific or Technical University Degree. Strong communication skills, assertive & highly quality-oriented. Fluent English & good German language skills (to at least B2 Level) are a mandatory requirement.
28/03/2025
Full time
We are currently looking on behalf of one of our important clients for an IT Quality Assurance & CSV Manager (German Speaking). The role is a permanent position based in Solothurn Canton & comes with some home office allowance. Your Role: Carry out personnel, technical & people life cycle management of a IT QA & CSV team. Act as a key contact person & all-rounder in the field of IT Quality Assurance & Computer Systems Validation. Advise & support system owners, project managers or suppliers in the validation of computer systems according to internal & external GxP/GAMP specifications (eg in the field of production systems SW, SW development, MES or database systems). Independently prepare the necessary documentation & execution of tests. Support the continuous development of IT processes (eg further development of internal CSV processes or certification of IT service areas according to ISO 27001: Information Security). Act as a key contact person as a CSV expert for customers & audits. Review & approval CSV & system documentation. Your Skills: At least 5 years of relevant professional experience including experience in IT Quality Assurance, Computer Systems Validation & Computer Software Assurance. A sound knowledge of IT Security, GDPR & IT Systems & Infrastructure. Experienced with Q-Systems (eg EU: Annex 11/FDA: 21CFR Part 11). Ideally experienced in the Medical Technology Sector. A knowledge of important IT Standards & Methods (eg ISO27001, ISO 80002-2, ITIL) or ISO 13485:2016 QMS for Medical Devices. Your Profile: Completed relevant Scientific or Technical University Degree. Strong communication skills, assertive & highly quality-oriented. Fluent English & good German language skills (to at least B2 Level) are a mandatory requirement.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be responsible for access control and all associated programs. Applications supporting these programs include ForgeRock, SailPoint and Duo. This position has an emphasis on integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational and customer support of the workforce in Identity and Access related functions. Team members assist with evaluating and supplementing our compliance readiness posture, assisting with the evaluation of control execution, process efficiency, and evidence gathering for internal and external auditors. Responsibilities To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Qualifications The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Microsoft Active Directory and LDAP Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelors degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)
27/03/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be responsible for access control and all associated programs. Applications supporting these programs include ForgeRock, SailPoint and Duo. This position has an emphasis on integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational and customer support of the workforce in Identity and Access related functions. Team members assist with evaluating and supplementing our compliance readiness posture, assisting with the evaluation of control execution, process efficiency, and evidence gathering for internal and external auditors. Responsibilities To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Qualifications The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Microsoft Active Directory and LDAP Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelors degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be responsible for access control and all associated programs. Applications supporting these programs include ForgeRock, SailPoint and Duo. This position has an emphasis on integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational and customer support of the workforce in Identity and Access related functions. Team members assist with evaluating and supplementing our compliance readiness posture, assisting with the evaluation of control execution, process efficiency, and evidence gathering for internal and external auditors. Responsibilities To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Qualifications The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Microsoft Active Directory and LDAP Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelors degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)
27/03/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be responsible for access control and all associated programs. Applications supporting these programs include ForgeRock, SailPoint and Duo. This position has an emphasis on integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational and customer support of the workforce in Identity and Access related functions. Team members assist with evaluating and supplementing our compliance readiness posture, assisting with the evaluation of control execution, process efficiency, and evidence gathering for internal and external auditors. Responsibilities To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Qualifications The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Microsoft Active Directory and LDAP Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelors degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)
