Lead, IT & Cybersecurity Auditor
Company: Northwestern Mutual
Location: Milwaukee
Posted on: May 16, 2022
Job Description:
AT NORTHWESTERN MUTUAL, WE ARE STRONG, INNOVATIVE AND GROWING.
WE INVEST IN OUR PEOPLE. WE CARE AND MAKE A POSITIVE DIFFERENCE.The
Lead IT & Cybersecurity Auditor position will plan, lead, and
execute technology & cybersecurity audits. This role serves as an
expert for technology & cybersecurity topics. This role will be
part of the Corporate Audit & Anti-Fraud (CAAF) team and will work
on a variety of audits and projects encompassing cybersecurity,
information technology, and help with overall development of a
cyber and technology audit framework. This exciting position will
impact the overall success of the technology & cybersecurity audit
program through the development of innovative ways to leverage NIST
frameworks, designing and developing a cybersecurity program that
will serve to improve and optimize CAAF's technology &
cybersecurity strategic initiative.This position includes
significant internal client interface, and as such requires strong
professional presence, communication and decision-making skills.
The successful candidate will be capable of identifying technology
and cybersecurity risks across all areas of the company. The
ability to establish exceptional relationships and credibility
within the CAAF team and internal Northwestern Mutual clients will
be essential to the individual's success, as will the ability to
coach, and lead other audit staff in the execution of audit
engagements. The Lead IT & Cybersecurity auditor will report up to
the Senior Director, IT & Cybersecurity Audit.Key
Responsibilities:
- Lead execution of the audit plan for technology infrastructure
and cybersecurity and assist in development of long-term strategy
based on company goals. In addition, responsible for building the
audit testing approach & test steps.
- Demonstrates technical knowledge of routine IT systems and
processes and continues development of technical and intermediate
analytical skills to understand more complex technologies.
Interprets the associated risks, begins to develop a holistic view
of risk, develops testing approach, and proposes solutions.
- Responsible for leading cybersecurity design and effectiveness
audits of Northwestern Mutual's IT systems and cloud environments
(AWS, VMWARE) to ensure compliance with internal standards as
informed by NIST 800-53, the NIST Cybersecurity Framework (CSF),
and emerging standards.
- Function as a senior member of the technology & cybersecurity
audit team, with experience as both as an individual contributor
and in team environments where collaboration and adaptability are
important.
- Lead multiple concurrent projects, meet established deadlines
and quickly adapt to changing priorities, all while working under
limited supervision.
- Remains current on cybersecurity auditing practices, cyber
emerging threats, industry regulatory changes, and internal company
policy and process changes.
- Proactively interfaces with IT functional groups to enhance
their understanding of cybersecurity controls needed to comply with
standards and regulations, and risk treatment options.
- Prepares and reports on audit recommendations and ensures they
are accurately tracked in an audit repository.Minimum Requirements:
- Bachelor's degree in Accounting, Finance, Information
Technology or another relevant field.
- Subject matter expert knowledge in technology & cybersecurity
risks, with demonstrated experience in cloud environments,
cybersecurity, technology risks.
- Subject matter expert level business acumen in business
operations, industry practices, and emerging cybersecurity
trends.
- In depth knowledge of industry frameworks/standards utilized
for IT internal controls (COBIT, NIST CSF, ISO, etc.)
- Preferred designations include CISA (Certified Information
Systems Auditor), CISSP (Certified Information Security Systems
Professional), or other relevant business designations
- In-depth knowledge and experience in auditing IT applications,
technologies, and IT infrastructure (network infrastructure
technologies (WAN/LAN), cybersecurity, Active Directory, backup &
recovery, data centers, messaging, mobile technologies, remote
access, storage, operating systems, virtualization services, and IT
service desk)
- Strong understanding of various types of cloud service models
(IAAS, PAAS, SAAS). In Addition, strong understanding of AWS
Infrastructure (IAAS)
- Advanced knowledge & experience in IT general controls (logical
access management, system development life cycle management, change
management, data security (encryption controls) logging &
monitoring, business continuity & disaster recovery, and backup and
recovery).
- Ability to develop, design, and execute IT, and cybersecurity
audits using a risk-based approach.
- Excellent project management and organization skills; ability
to multitask.
- Confidence and gravitas in working with and challenging
stakeholders.
- Excellent ability to develop and write impactful reports and
presentations.Preferred Requirements:
- Demonstrated knowledge of the regulatory environment for
Financial Services industry
- 5+ years of experience in large financial services IT/Security
internal audit department, or equivalent IT/Security audit or
consulting experience to include top tier firm (EY, Deloitte, PWC,
KPMG, etc.)
- 4+ years of experience leading end-to-end engagements as the
auditor in charge and/or leadership experience within the
information technology or cyber security fields
- Model Audit Rule, SOX experienceWork Experience:
- 7+ years of technology & cybersecurity audit experience with a
professional services firm, an internal audit group, or similar
environment.#IN-POST#LI-POSTThis job is not covered by the existing
Collective Bargaining Agreement.Required Certifications:GROW YOUR
CAREER WITH A BEST-IN-CLASS COMPANY THAT PUTS OUR CLIENT'S
INTERESTS AT THE CENTER OF ALL WE DO. GET STARTED NOW!We are an
equal opportunity/affirmative action employer and all qualified
applicants will receive consideration for employment without regard
to race, color, religion, gender identity or expression, sexual
orientation, national origin, disability, age or status as a
protected veteran, or any other characteristic protected by law.If
you work or would be working in Colorado or outside of a Corporate
location, please click here for information pertaining to
compensation and benefits.
FIND YOUR FUTUREWe're excited about the potential people bring to
Northwestern Mutual. You can grow your career here while enjoying
first-class perks, benefits, and commitment to diversity and
inclusion.Flexible work schedulesConcierge serviceComprehensive
benefitsEmployee resource groups
Keywords: Northwestern Mutual, Milwaukee , Lead, IT & Cybersecurity Auditor, Accounting, Auditing , Milwaukee, Wisconsin
Didn't find what you're looking for? Search again!
Loading more jobs...