• IT Security Auditor/Assessor

    Equitable (Charlotte, NC)


    IT Security Auditor/Assessor ( 250000H2 )

    **Primary Location** : UNITED STATES-NC-Charlotte

    **Other Locations** : UNITED STATES-NY-Syracuse

    **Organization** : Equitable

    **Schedule** : Full-time

    Description

    At Equitable, our power is in our people.

     

    We're individuals from different cultures and backgrounds. Those differences make us stronger as a team and a force for good in our communities. Here, you'll work with dynamic individuals, build your skills, and unleash new ways of working and thinking. Are you ready to join an organization that will help unlock your potential?

     

    Equitable is seeking an IT Security Auditor/Assessor to support the Director of Information Security Assessments and Assurance Program. Information Security Assessment and Assurance Programs handles internal assurance reviews of Information Systems, third-party security risk assessments, review of third-party agreements, security assessments. The program plays a key role in ensuring compliance with cybersecurity related regulatory, legal and internal policies.

     

    The IT Security Auditor/Assessor will conduct comprehensive security audits of organizations information security systems and processes to ensure compliance with regulatory, legal, and company policies. This team member will also perform security audits and assessments on third party vendors.

    Key Responsibilities Include, but are not limited to:

    + Perform security audits on Information Security processes and systems to identify weaknesses or vulnerabilities.

    + Execute design as well as operating effectiveness assessments of internal controls.

    + Ensure compliance of systems with applicable regulatory, legal requirements and internal policies.

    + Perform security risk assessment on third party vendors or their products.

    + Negotiate security requirements in the agreements with third party vendors.

    + Provide recommendations on the remediation of weaknesses, vulnerabilities to improve compliance.

    + Prepare clear and comprehensive audit reports by documenting the findings, risk ratings, and remediation recommendations.

    + Present the audit report to Business Stakeholders, IT Leadership, and IT teams to explain the findings and recommendations.

    + Log and track the remediation of findings until closure.

    + Report/Escalate any issues or concerns to senior management.

    + Prepare and present KPIs/KRIs to the senior management.

    + Stay relevant on the emerging security threats, industry trends and best practices in cybersecurity.

    **In Office Schedule** : This team member will be working in office 2-3 days per week.

     

    The base salary range for this position is $110,000 - $135,000. Actual base salaries vary based on skills, experience, and geographical location. In addition to base pay, Equitable provides compensation to reward performance with base salary increases, spot bonuses, and short-term incentive compensation opportunities. Eligibility for these programs depends on level and functional area of responsibility.

     

    For eligible employees, Equitable provides a full range of benefits. This includes medical, dental, vision, a 401(k) plan, and paid time off. For detailed descriptions of these benefits, please reference the link below.

     

    Equitable Pay and Benefits: Equitable Total Rewards Program (https://portal.equitable.com/appentry/EDoxRedirect?node\_id=A2023013000001)

    Qualifications

    Required Qualifications:

    + Bachelor's degree preferably in computer science, engineering, mathematics, or statistics.

    + At least one of the below professional certifications:

    + Certified Information Systems Security Professional (CISSP)

    + Certified Information Systems Auditor (CISA)

    + Certified Information Security Manager (CISM)

    + 5 years of experience in performing audits, assessments and managing risk and compliance issues, or similar experience managing applications, projects or systems that require identification, evaluation and remediation of risks.

    + Technical background or verifiable understanding of a range of operational and IT risks and operations.

    + Experience in performing third party vendor risk assessments/audits including contract negotiations.

    + Established business background; experience gathering and interpreting risks and associated impacts in context of financial and operational concerns.

    + Understanding of complex audit and assessment risk-related issues through demonstrated experience in managing vendor assessments, information security assessments, and audits.

    + Knowledge of business and technology practices and trends.

    + Demonstrated ability to communicate complex issues in a language understood by business leaders across multiple disciplines (such as business, IT and security) within an organization.Preferred Qualifications:

    + Masters degree

    + Effective written and verbal communication skills.

    + High level of personal integrity and demonstrated willingness to call out and act on issues.

    + Savvy interpersonal / relationship skills, able to foster working relationships within the team, across IT and with business colleagues.

    Skills

    **Agile Methodologies:** Knowledge of concept and principles of agile methodology; ability to apply appropriate agile approaches in the processes of software development and delivery.

    **Confidentiality:** Knowledge of practices and policies governing disclosure of information about the organization, its business activities, and employees; ability to apply this knowledge appropriately to diverse situations.

    **Information Security Management:** Knowledge of the processes, tools and techniques of information security management; ability to deploy and monitor information security systems, while detecting, controlling and preventing violations of IT security.

    **IT Governance:** Knowledge of the accountability framework and processes used to encourage proper behavior in IT activities and operations; ability to implement IT systems and controls to meet business needs and requirements.

    ABOUT EQUITABLE

    At Equitable, we’re a team committed to helping our clients secure their financial well-being so that they can pursue long and fulfilling lives.

     

    We turn challenges into opportunities by thinking, working, and leading differently – where everyone is a leader. We encourage every employee to leverage their unique talents to become a force for good at Equitable and in their local communities.

     

    We are continuously investing in our people by offering growth, internal mobility, comprehensive compensation and benefits to support overall well-being, flexibility, and a culture of collaboration and teamwork.

     

    We are looking for talented, dedicated, purposeful people who want to make an impact. Join Equitable and pursue a career with purpose.

     

    **

     

    Equitable is committed to providing equal employment opportunities to our employees, applicants and candidates based on individual qualifications, without regard to race, color, religion, gender, gender identity and expression, age, national origin, mental or physical disabilities, sexual orientation, veteran status, genetic information or any other class protected by federal, state and local laws.

     

    NOTE: Equitable participates in the E-Verify program.

     

    If reasonable accommodation is needed to participate in the job application or interview process or to perform the essential job functions of this position, please contact Human Resources at (212) 314-2211 or email us at [email protected] .

     

    **Req ID:** 250000H2