Job Description

Duties and Responsibilities

• Participate in client pre-sales and delivery, performing ethical and high quality IT Audit work, including but not limited to risk assessments, documentation review, scoping, sampling, validation of security controls, and report issuance, as part of the Ensign Consulting BU’s Cyber Risk Assurance team.
• Be responsible for project delivery; identify project risks early and assist by providing prudent and timely recommendations for risk avoidance; sets and manages client expectations; creates and executes project work plans and revises as appropriate to meet changing needs and requirements; communicates effectively with clients and internal stakeholders to identify needs; continually seeks opportunities to increase customer satisfaction
• Execute process improvements and the review of procedures, methods, and tools in support of delivery.
• Responsibilities include supporting pre-sales processes and working with sales and account management professionals to win new business; proposal review and refinement
• Maintaining accurate records of “Work in Progress (WIP)” reporting for work delivered with timely clocking in Workday system
• Working with and providing Team’s Project Plans and regular project status updates
• Performing other job-related duties as assigned

• Bachelor’s Degree in a related field or equivalent experience is preferred
• At least one of the following Industry Certifications: CISSP, CISA, CISM, ISO 27001, PCI QSA or equivalent
• At least 3-4 years of IT Audit experience; preferably in a Professional Security Service environment

• Good project management, consulting, customer service, technology and process improvement skills.
• Good people management, supervisory, communication/presentation, proposal writing, time management and negotiation skills
• Team player who can perform under pressure and tight deadlines
• Excellent grasp of Business processes (e.g. policies & procedures, best practices etc.) and IT technical concepts, e.g., Operating Systems (Unix, Windows, OS/400, etc), Databases (Oracle, SQL, etc.)
• Experience with Industry standards frameworks and methodologies such as NIST, ISO 27001, COBIT 5/6, PCI DSS etc for Information system security auditingrity auditing