Required Skills: Audit, Cybersecurity

Job Description

Responsibilities include:

Internal audit review
• Assist deputy chief risk officer, continue to formalize and automate the ERM audit program
• Conduct regularly scheduled reviews of EOTSS internal processes to ensure recommended risk mitigating controls are fully implemented, followed, documented and effective.
• Coordinate with ERM risk analysts to ensure internal reviews include current mitigating control recommendations
• Employ analytical skills to conduct audit tests, participate in meetings and interviews, and assess procedural documentation
• Create comprehensive reports of audit findings to inform staff and executives of needed updates or improvements
• Proactively inform senior management of significant risks or exposures related to internal controls, compliance, and/or governance requiring prompt attention
• Manage the process to track, follow up, and ultimately ensure closure of all open audit issues

External audit response
• Coordinate and follow through with numerous individuals for various audit responses
• Obtain and provide comprehensive responses to internal and external audit requests.
• Build and maintain positive working relationships across all levels and functional areas.
• Meticulously track and document responses to and from multiple sources in a timely and succinct manner.
• Oversight of the internal audit liaison program
• Assist documentation of ERM audit program practices and procedures to include templates and reference guides.
• Plan and schedule program deliverables, goals, milestones.
• Other responsibilities as assigned.

Required ERM Knowledge, Skills & Abilities:
• At least five (5) years of experience in cybersecurity audit, IT audit, risk management, or compliance
• Strong knowledge of cybersecurity and control frameworks (e.g., NIST, CIS Controls)
• Experience performing audits, risk assessments, program evaluations, and conducting research using quantitative and qualitative methods in a government or highly regulated environment.
• Demonstrate ability to multitask, prioritize, and meet deliverables for various and fluid responsibilities and initiatives.
• Exceptional organizational skills include acute attention to detail especially involving the gathering, updating, tracking, and reporting of data from multiple sources.
• Ability to maintain a consistent and timely follow-through of all requests requiring a response from various members and all levels of the organization.
• A working knowledge of IT, Network infrastructure, software application and software vendor disciplines desired.

Required General Knowledge, Skills & Abilities:
• Strong work ethic
• Excellent verbal and written communication skills
• The ability to work independently as well as part of a team.
• Strong adaptability to evolving challenges and changing priorities.
• Ability to think critically, analyze situations, solve problems, and make informed decisions to address complex challenges.
• Strong ability to understand and effectively communicate (verbally and written) across varying levels of the organization.  
• Some technical knowledge is preferred.