Manager, Audit


Who We Are: In todays work environment, employees use a myriad of devices to access IT applications and data over multiple networks to stay productive, wherever and however they work. Ivanti elevates and secures Everywhere Work so that people and organizations can thrive. While our headquarters is in the U.S., half of our employees and customers are outside the country. We have 36 offices in 23 nations, with significant offices in London, Frankfurt, Paris, Sydney, Shanghai, Singapore, and other major cities around the world. Ivantis mission is to be a global technology leader enabling organizations to elevate Everywhere Work, automating tasks that discover, manage, secure, and service all their IT assets. Through diverse and inclusive hiring, decision-making, and commitment to our employees and partners, we will continue to build and deliver world-class solutions for our customers. Our Culture – Everywhere Work Centered Around You At Ivanti, our success begins with our people. This is why we embrace Everywhere Work across the globe, where Ivantians and our customers are thriving. We believe in a healthy work-life blend and act on it by fostering a culture where all perspectives are heard, respected, and valued.Through Ivantis Centered Around You approach, our employees benefit from programs focused on their professional development and career growth. We align through our core values by locking arms in collaboration, being champions for our customers, focusing on the outcomes that matter most and fighting the good fight against cyber-attacks. Are you ready to join us on the journey to elevate Everywhere Work? Why We Need you! As part of the Compliance and Audit team, you will lead the execution of multiple functions and support daily activities of the program, included but not limited to: development, implementation, documentation/maintenance of policies and procedures, monitoring program compliance, investigation and tracking of incidents and breaches and insuring compliance with federal laws. Critical Priorities Include: Facilitate and manage Ivantis Audit Team, consisting of 10 different frameworks for a total of 40 different audits or certifications, as Audit Manager. Frameworks include: ISO 27001, 17 & 18 SOC2 PCAOB Integrated Financial Audit NIAP & BSI Common Criteria FIPS 140-2 & 3 DoDIN APL (DISAs JITC, STIGs, etc.) UK Cyber Essentials CCN FedRamp Develop and implement audit methodology, processes, and templates. Identify, track, and report on critical KPIs to leadership, including budget to actuals, deficiencies, quality and accuracy, and program improvement Support and ensure quality of audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions. Provide guidance on laws, regulations, policies, standards, or procedures to management, personnel, or clients. Develop processes with the external audit group on how to share information regarding the continuous monitoring program and its impact on security control assessment. Support audit team in becoming product and audit SMEs Review existing and proposed policies with stakeholders. Review or conduct audits of information technology (IT) programs and projects. Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc. Review, conduct, or participate in audits of cyber programs and projects. Provide leadership in the planning, design and evaluation of privacy and security related projects Appoint and guide a team of IT security experts. Prepare a plan of action and milestones based on the findings and recommendations of a security assessment report excluding any remediation actions taken. The primary focus of this position in Information Security is: to develop and implement a consistent, predictable, and repeatable audit processes, demonstrated through tracking key metrics; ensure quality and accuracy of ar ifacts delivered to third-party assessors; transform the audit program to a vehicle for early identification and remediation of potential weaknesses; and reduce impact to key stakeholders and control owners. To Be Successful in The Role, You Should Be Able to: Successfully manage and lead an audit program ensuring compliance with regulatory requirements, compliance standards, internal policies, and mandates. Lead and manage a team of auditors, assigning tasks, setting priorities, and providing guidance through the audit process. Continuously evaluate and enhance audit methodologies, processes, and tools to ensure effectiveness and efficiency. Support the development of security policies, training material, and other core documents. Coordinate and manage onsite assessments with external stakeholders. Manage a global team, with team members from varying geographical regions (flexible scheduling availability). Coordinate with third-party auditors/assessors in managing audit program and treatment of potential deficiencies. You Can Leverage Your Expertise to: Assess and forecast manpower requirements to meet organizational objectives. Monitor and assess the potential impact of emerging technologies on laws, regulations, and/or policies. Interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives. Coordinate with senior leadership of an organization to facilitate the sharing of risk-related information among authorizing officials and other senior leaders within the organization. Advise authorizing officials, chief information officers, senior information security officers, and the senior accountable official for risk management/risk executive (function), on a range of security-related issues (e.g. establishing system boundaries; assessing the severity of weaknesses and deficiencies in the system; plans of action and milestones; risk mitigation approaches; security alerts; and potential adverse effects of identified vulnerabilities). Coordinate their security-related activities with security architects, senior information security officers, system owners, common control providers, and system security officers. Facilitate and support Audit Team in conducting comprehensive assessment of the management, operational, and technical security controls and control enhancements employed within or inherited by a system to determine the effectiveness of the controls (i.e., the extent to which the security controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system). Provide an assessment of the severity of weaknesses or deficiencies discovered in the system and its environment of operation and recommend corrective actions to address identified vulnerabilities. Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. Work independently and have the ability to prioritize conflicting demands from multiple business clients in an extremely fast-paced environment Work across departments and business units to implement organizations audit principles and programs. You Should be Knowledgeable In: Frameworks such as: NIST SP 800 Series, FISMA, ISO 15408, and ISO27001, and those indicated above Leveraging… For full info follow application link. Individuals seeking employment at Ivanti are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. You are being given the opportunity to provide the following information in order to help us comply with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements.

Show Full Vacancy