Lead Cyber & IT Auditor

Are you ready to execute high-quality audits and manage risks over IT infrastructure, applications, and processes? As a Lead Cyber & IT Auditor at Spectrum, you will deliver top-tier internal audit results under the guidance of IT Audit Managers and Directors. Your key focus will include planning and performing IT risk assessments, developing test plans to evaluate designs, conducting cybersecurity evaluations, assessing business continuity, and disaster recovery, and reviewing internal controls, policies and regulations related to Spectrum's electronic assets.

How You'll Make an Impact

• Execute planning, fieldwork and reporting for specific IT projects established in the annual audit plan, in accordance with audit standards, guidelines, and best practices.
  
• Execute projects related to the NIST Cybersecurity Framework, NIST 800 series, CIS Controls, ISO 27001/27002, OWASP, Payment Card Industry, Data Privacy, IT General Controls (ITGC), and other laws and regulations governing the corporation.
  
• Prepare audit summaries and present audit results to senior IT management providing observations and evaluating management action plans and reporting.
  
• Keep abreast of relevant business developments and evolving IT risk areas.
  
• Contribute ideas and opinions to the internal audit team by identifying relevant automated controls to include in an audit's scope.
  
• Design audit programs/procedures to assess their adequacy, and assist financial/operational auditors in applying IT audit principles and concepts.
  
• Develop and maintain effective relationships within the team and individuals throughout the organization.
  

Working Conditions

• Office environment
  
• Expected travel approximately 10-15%

What You'll Bring to Spectrum

Required Qualifications

• Education
  
  • Bachelor's degree in Information Technology, Business, Accounting, or Finance
• Experience
  
  • 3+ years of experience in IT audit or public accounting
  • Experience with various technologies, including networks, platforms, and applications
  • Experience in information security assessment
• Skills
  
  • Ability to read, write, speak and understand English
  • Ability to define effective audit plans and cultivate channels of communication that align well with key stakeholders and effectively influence at all levels of the organization, including experienced IT auditors
  • Understanding of business processes, financial reporting and information technology audit and control frameworks such as SOX, COBIT, ITIL, and PCI
  • Leadership skills in the areas of leading through influence, relationship building and strategy development and execution
  • Knowledge of risk assessment and familiarity with tools and techniques used to provide control and monitoring mechanisms
  • Knowledge of IT audit methodologies and control frameworks of IT platforms, processes, systems, and controls, including areas such as network security, logical access, and change management controls at an infrastructure and application level, databases, and systems maintenance
  • Knowledge of cable television products and services, various network architectures, services, systems, applications, development platforms, network/security technologies, and web application security including cross-site scripting and SQL injection
  • Proficiency in information security tools to exploit vulnerabilities in networks and applications

Preferred Qualifications

• Education
  
  • CISA
  • CIA, CISSP, CISM, CEH, GPEN, OSCP, CPT and/or MBA
• Experience
  
  • Big 4 experience
• Skills
  
  • Knowledge of PCI Standards, HIPAA, and security