Product Security Compliance Assessor (IT Auditor)
eTeam
Santa Rosa, CA
Remote
Help to interpret the relevant, applicable government regulations.
Work with different teams including Legal, Cybersecurity, Finance, IT Operations, R&D, Products, and other stakeholder teams to coordinate control requirements, reporting and mapping to policy, regulation, and best practice.
Work with stakeholders to build a plan of actions and milestones, track progress against gaps, and communicate changes or risks to plans in a timely manner.
Identify, document, and report control deficiencies and associated recommendations for improvements.
Develop and communicate reports to describe regulatory risks and associated remediation actions.
Understand current information security regulatory applicability and monitor for upcoming regulatory changes and revisions.
Support the alignment of the policies and standards to both regulations and best practices.
Review and challenge to support compliance with policies, standards, and regulations.
Evaluate, operate, and maintain tools or artifacts to capture and publish regulatory assessment results.
PM, design, and implement compliance solutions to stabilize and operationalize responsible program(s).
Requirements
Bachelor's degree in Computer Science, Information Security, or a related field.
Strong communicator to present to all levels.
Experience in interpreting regulatory requirements and policies.
Experience in conducting compliance and gap assessments and designing metrics.
IT audit experience required.
Knowledge of NIST 800-218/Secure Software Development Framework, the EU NIS 2 Directive, and the Cyber Resilience Act. Understand what the regulation is.
Experience in applying security best practices within an SDLC framework.
Familiarity with various SDLC methodologies (e.g., Agile, Waterfall).
Experience with security automation tools for SDLC.
Ability to prioritize tasks, manage deadlines, and work independently.
Ability to independently run in a fast-paced environment and proactively identify and bridge knowledge gaps.
Candidates with 5+ years of relevant experience preferred with the above requirements.
CIA, CISA, CRISC, or CISM preferred.
Screening Questions
- How do you assess IT evidence when given a piece of IT evidence from a stakeholder?
- Do you have IT audit experience as an internal or external auditor?
- Can you explain how you test typical IT general controls?
- Seniority level: Entry level
- Employment type: Contract
- Job function: Finance and Sales
- Industries: Appliances, Electrical, and Electronics Manufacturing