Information Security Auditor

The IT Security Auditor leads security assessments of client IT environments against various industry standards and regulations including PCI, HITRUST, ISO 27001/2, HIPAA, Sarbanes-Oxley, and others. The Auditor works with the client, and other ControlCase teams, over the life of the project to ensure that security controls are appropriate and compiles the information gathered in a final assessment report.


  • Leads execution of multiple concurrent technology assurance and project audits primarily as engagement supervisor in accordance with rigorous policy and work paper standards and within tight timeframes
  • Assesses key risks and controls and designs innovative and appropriate broad-based coverage across technology and/or business activity, exhibiting exceptional judgment regarding issue identification, issuing draft findings to client management, and drafting and issuing final audit reports with limited guidance
  • Develops valuable and trusting relationships with internal business partners by executing efficient audit work and offering suggestions to enhance risk management based on an enterprise-wide view of technology risk management
  • Interface with clients to review and analyze complex systems (Applications, operating systems, databases, and networking devices), to identify risks, exposures, define and implement compensating controls
  • Work independently to collect, consolidate and analyze the information required for the evaluation of security controls and gaps
  • Produce final reports on compliance to detail the controls observed during security assessments in accordance with various security standards and regulations (PCI, HITRUST, ISO 27001/2, HIPAA, Sarbanes-Oxley, etc.)
  • Extensive travel to client sites as needed



  • At least 5 - 10 years of experience in an IT security audit, assessment, and/or compliance role
  • One of the following certifications is must: CISM, CISSP, CISA
  • Strong knowledge of the PCI-DSS security standards
  • Strong background in auditing IT Security controls. Demonstrated leadership and the ability to successfully manage multi-functional or diverse areas
  • Ability to travel up to 60% annually
  • Excellent project management and time management skills. Capable of tracking and executing numerous parallel activities, work efficiently and independently with minimal supervision
  • Self-motivated and self-enabler
  • Ability to work effectively in a team environment and across all organizational levels, where flexibility, collaboration, and adaptability are important
  • Outstanding problem solving and analytical skills with the ability to turn findings into strategic imperatives
تاريخ النشر: ١٢ أغسطس ٢٠٢١

تاريخ النشر: ١٢ أغسطس ٢٠٢١