As part of the Security team, The Sr. Technology Auditor is primarily responsible for supporting the Global Head of Policy and Risk in the performance of IT Audit�s (vulnerability/risk assessments) in all areas of technology (including: network security, UNIX and NT O/S security, security/control processes and application security).
5+ Years Information Security, minimum 2 Years IT Audit, in the financial services sector in a medium to large heavily networked telecommunications environment, including hands on knowledge in the following areas: Security/vulnerability assessment and IT Audit. Operational security processes and procedures reviews. Application controls reviews. 2. Strong knowledge of IT auditing principles, risk/vulnerability assessments, infrastructure controls, application controls. Strong interpersonal skills with the ability to formulate good working relationships and act as a security consultant to all levels of staff. Capable of operating during stressful periods, e.g. a significant security incident. In addition, hands on experience in two or more of the following would be a plus: BS7799 or ISO17799 security standards Hands on familiarity with security vulnerability assessment tools. CRAMM risk methodology. 3rd Party reviews (e.g., SAS70, SysTrust). Firewall management, Host intrusion detection (UNIX, NT), Network intrusion detection. Incident investigation.
