Information Security Auditor - job id 33077


Your Way To Work™

Information Security Auditor

Contract Position; Market Rate

Downtown Brooklyn(1), NY



How to Apply

logo

Jessica Ohmer


logo

(646) 876-9549


logo

(212) 616-4800 ext-570




A Contract position at Premier New York Education Institution.


Pay Options: IC - Self Incorporated or W2

Contact Jessica Ohmer call (646)876-9549 / (212)616-4800 ext.570 or email jessica@sans.com with the Job Code JO33077

Location: Lower Manhattan (NOHO)

Skills required for the position: Information Security, IT AUDIT, SOC, NIST, ISO


Detailed Info: Technical Security Reviews:

  • Initiates and performs risk assessment activities including vulnerability assessment and management activities, covering all University business units, including Finance, Research, Health Care, and Educational activities.

  • Performs information security reviews related to security maturity and risk management.

  • Provides guidance and assistance regarding information security matters such as the interpretation of information security policies and requirements or their applicability to particular situations.

  • 30% IT Compliance Control:

  • Manages detailed network, operating system, database, and application assessments and security configuration audits, evaluating the effectiveness of information security controls as

  • they have been proposed or implemented.

  • Researches and deploys tools and strategies to leverage audit results into actionable items; proposes operational improvements to reduce risk.

  • Keeps current on compliance requirements in all areas of University activity, including HIPAA,

  • FERPA, GLBA, PCI, including national and international data privacy laws.


Development / Computing Environment:

  • Ensures alignment with relevant Information Security standards including NIST 800-53, 800-171, ISO 2700x, etc.

  • 20% Reporting & Communication:

  • Analyzes data from Information Security functions and provides reports and recommended response actions to Information Security management.

  • Represents Information Security to other organizations on information security related matters, as assigned.

  • Publishes regular status reports and submits to management.

  • Develops assessment and risk metrics, in coordination with overall security reporting.

  • Works with Awareness Specialist and Communications to determine and document information

  • security requirements and controls necessary for the protection of information resources.

  • Formerly documents all assessment activity and ensure archiving of documentation in a secure

  • auditable location as part of the NYU IT Governance process.

  • 10% Risk Management and SOC Support

  • Maintains IT risk register, correlating audit and review results, as well as operational information, to determine likelihood and impact of risks.

  • Recommends policy and functional actions to reduce risk.

  • Oversees operational tasks supporting information security functions such as intrusion detection and prevention, security event log analysis, management reporting, malware prevention and remediation, encryption, network segmentation, remote access, cloud security, and authentication.


The position offers competitive rate.


Job Id: 33077