Core Competencies (must have):
Good knowledge of various IT audit frameworks such as SSAE18 SOC1/SOC2, SOX ITGC, HIPAA, PCI DSS, HIPAA, HITRUST etc..
Knowledge of cybersecurity frameworks such ISO 27001, ISO 27005, ISO 22301, GDPR, COSO, COBIT, NIST CSF and NIST SP 800-53, SOX, J-SOX, CIS etc.
Broad background of Information Security engineering concepts.
Knowledge of security measures and auditing practices within various operating systems, networks, firewalls, databases and applications.
Experience in assessing possible technology risks across a variety of business processes.
Knowledge of Business Continuity and Disaster Recovery best practices.
Knowledge of regulations impacting the privacy, integrity and availability of customer PII or PHI.
Prior experience in managing/leading a Team of IT Auditors/IT Security Analysts.
Proven track record of successful and on-time delivery of IT Security Assessment and IT Audit engagements/projects.
Knowledge of waterfall and agile project management concepts and experience in project management