Senior Information Security Auditor, DefSecc - FORI
DESCRIPTION
We are looking for Senior Information Security Auditor within the Finance Operations Risks Intelligence team (FORI). FORI provides controllership across Finance Operations (FinanceOps) with a mission to identify risks, protect assets, design to-be controls, and as appropriate assist process owners with risk mitigation or remediation. FinanceOps organization manages corporate procurement, vendor payables and payments, employee payroll, customer receivables, and global real estate & facilities.
This role will be responsible for validating, reviewing, and recommending security controls in over 800+ services, applications, and websites that support FinanceOps processes. You will provide guidance, recommend, curate, and advise application engineers on security detective and preventive controls. You will be expected to create metrics to demonstrate control design effectiveness. This role combines long term strategic planning to raise the bar on security controls across Finance Operations organization with the excitement and challenge of quickly reacting to new threat scenarios. You will work closely with IT auditors and Information Security teams within FinanceOps and the broader organization, sometimes collaboratively and in some cases in partnership for organization wide initiatives or projects.
Key job responsibilities
• Be Information Security subject matter expert responsible for securing applications and technology used to support Finance Operation processes.
• Own the planning and delivery of technical security solutions to ultimately reduce risk for the Finance Operations.
• Develop and report performance metrics that demonstrate business impact and risk reduction.
• Continuously evaluate existing systems and capabilities to ensure design effectiveness.
• Engage with stakeholders to ensure that business security needs are understood and met.
• Communicate effectively such that expectations are set and all impacted stakeholders are aware and in alignment.
and make proposals on how to mitigate through technology.
• Lead teams to help partners and customers understand the opportunities to handle security and compliance requirements in key financial processes and services.
• Set strategic direction to improve documentation, track progress, coordinate improvement efforts, and monitor process improvements.
BASIC QUALIFICATIONS
- Bachelor's degree in computer science or equivalent
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
PREFERRED QUALIFICATIONS
- 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- Experience with AWS products and services
- Experience with programming languages such as Python, Java, C++