Senior IT Security and Audit Specialist – the role:
The Senior IT Security and Audit Specialist will be primarily responsible for responding to, coordinating and managing IT Security audits from our clients and regulators.
Work with internal, regulatory and client auditors to facilitate IT audits and assessments. Receive audit findings, and manage the collection of responses and remediation plans with owners.
Act as a liaison between IT and other areas of the business to provide guidance on IT Security program-level policy and control requirements.
Effectively report and communicate results and appropriate corrective action to varying levels of management.
Maintain an awareness of existing and proposed security-standard-setting groups, state and federal legislation and regulations pertaining to information security. Identifies regulatory changes that will affect information security policy, standards and procedures, and recommends appropriate changes.
Responds to and provides oversight, management and support of IT-related contractual documents, such as contracts, Requests for Proposals and Statements of Work.
Reports to IT management concerning risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
Collaborates on IT projects to ensure that IT security issues are addressed throughout the project life cycle.
Works with the IT department and members of the IT security team to identify, select and implement policies, standards and controls.
Fully understand security policies, standards, processes and procedures, and support service-level agreements (SLAs) to ensure that security controls are managed and maintained.
Participate in the execution of risk assessment activities, analyzing the results of audits (performed by other groups) to produce recommendations of acceptable risk, and recommend risk mitigation strategies.
Ability to handle internal and external client needs with exceptional customer service skills.
To qualify, the ideal candidate will have the following skills and experience:
Excellent verbal, organization, written, presentation, time management and collaboration skills
Training in IT Security, Risk Assurance or IT Audit methodology strongly desired
Relevant certifications a plus: CRISC, CISA,
BS/BA degree or an equivalent combination of education and experience required
Escalation point & SME for threat, event, and data analysis; strong forensic analysis skills/experience
Exceptional client-facing communication & reporting/documentation skills including presentation skills (exec level) & development of dashboards & metrics (PowerPoint/Excel)
Proven background with tactical task delegation, technical mentorship, and overall team motivation. Effective decision-making, process & procedure enforcement, and spot-coaching
SANS-based intermediate/master-level certifications & training expected (GIAC roadmap). Military/gov't sector cyber experience desirable (e.g., 25-Delta, DHS, NSA, etc.)
Experience with leading industry cyber tools, best practices/procedures, and trends/strategies. Experience with ConnectWise (ticketing), Elastic (SIEM), and formal security-centric case management platforms a plus