Associate Security Auditor, Security Auditor, Security Auditor II, Senior Security Auditor

Recruiter:

Option Consultancy Services

Job Ref:

GLI001

Date posted:

Tuesday, December 28, 2021

Location:

Johannesburg, South Africa

Salary:

TCTC

SUMMARY:
Associate Security Auditor, Security Auditor, Security Auditor II, Senior Security Auditor

POSITION INFO:

Associate Security Auditor, Security Auditor, Security Auditor II,

Senior Security Auditor

FLSA Classification (US only)

Associate level is Non-Exempt
Security Auditors I, II & Senior are Exempt

Travel

Must have the ability to travel up to 75%

The Security Auditor is responsible for probing the safety and effectiveness of computer systems and their related security components, i.e., IT Procedures and an information security management system. This position is also responsible for delivering detailed reports to clients on

the overall effectiveness of the system, explaining any security issues and suggesting changes and improvements.

Essential Functions (Duties & Responsibilities):

The Associate Security Auditor, under direct supervision, is responsible for:

Executing and/or administering security audits that are planned by more experience staff including inspecting and evaluating financial and information systems, management procedures and security controls
Administering risk-focused exams for IT systems
Properly documenting the audit process on a variety of computing environment and
applications
Providing a written and verbal report of audit findings
Coordinating and working together with colleagues in other lines of services insupport of client needs for Information Security Services
Delivering excellent client service
Following, maintaining and improving standard operation procedures (SOP)
Achieve and maintain any required professional certification
Performs other duties as assigned

Security Auditor I is responsible for all the duties listed under the Associate Security

Auditor level and the following:

Executing security audits independently that are planned by more senior staff including inspecting and evaluating financial and information systems, management procedures and security controls; may be planning some fewer complex audits independently
Accurately interprets audit results against defined criteria for less complex audits
Working with clients to develop appropriate remediation plans
Supporting senior members in the sale of security auditing services
Performs other duties as assigned

Security Auditor II is responsible for all the duties listed under the Associate Security

Auditor and Security Auditor I and the following:

Planning and executing security increasingly more complex audits independently including inspecting and evaluating financial and information systems, management procedures and security controls
Assessing the exposures resulting from ineffective or missing control practices
Working with management to ensure security recommendations comply with

Company procedures

Supporting team technical development, through service development or research, and contributes to company technical processes overall
Performs other duties as assigned

Senior Security Auditor is responsible for:

All duties listed under the Associate Security Auditor level and the following:
Handling the most complex assignments
Working as a senior subject matter expert (SME) in their field
Performing peer reviews on reports
Leading the technical development of a team, training junior members and assisting on improvements to penetration testing services
Managing complex security testing projects
Managing other team members assigned to projects
Performs other duties as assigned

Required Education and Other Credentials:

Bachelor’s Degree in Computer Science, Information Systems, Engineering or related major from an accredited University or equivalent; or
Certification, formal training, experience or demonstrated competency may be evaluated and considered in lieu of the educational requirements

One or more of the following certifications are required:

Associate Security Auditor): None
Security Auditor: one among ISO 27001 Lead Auditor, PCI Qualified Security Auditor (QSA), Certified Information Security Professional (CISP), Certified Information Security Auditor (CISA) or equivalent
Security Auditor II: Two among ISO 27001 Lead Auditor, PCI Qualified Security Auditor (QSA), Certified Information Security Professional (CISP), Certified Information Security Auditor (CISA) or equivalent
Senior Security Auditor: Certified in Risk and Information Systems Control (CRISC) plus any mandatory for level II

Required Skills/Experience:

Knowledge and/or experience with sales, scoping and client/project management
Working knowledge of regulatory and industry data security standards, i.e., FFIEC, HIPPA, PCI, NERC, SOX, NIST, etc.
Must have experience with ISO 27001/27002, ITIL and COBIT frameworks
Must understand Linux, Windows and UNIX operating systems, as well as MSSQL and Oracle databases
Knowledge of ACL, IDEA and/or similar software programs for data analysis is preferred
Working knowledge of Fidelis, ArcSight, Niksun, Websense, Proofpoint, BlueCoat and/or similar auditing and network defense tools is required
Must have a solid understanding of firewall and intrusion detection/prevention protocols and know how to employ virtualization techniques
Must have the ability to communicate effectively, both orally and written, with other members of the team and clients/prospective clients
Proficiency in Microsoft Word, PowerPoint, Excel, and Outlook
Must be able to deliver quality reports on time
Must have the ability to work both independently and as part of a team
Must have the ability to understand source code in C/C++, VB.NET, ASP, PHP, or Java
Must demonstrate a high degree of attention to quality, details, and correctness

Associate Security Auditor has no experience requirements

Security Auditor I must have:

At least 2 years of experience working on security audits that includes inspecting and evaluating financial and information systems, management procedures and security controls

Security Auditor II must have:

At least 3 years of experience in planning, executing and leading security audits across an organization
At least 3 years previous experience as technical leader of a team of Security Auditors

Senior Security Auditor must have:

At least 5 years of experience in planning, executing and leading security audits across an organization
At least 5 years previous experience as technical leader of a team of Security Auditors

Physical Requirements and Working Conditions:

Must have the ability to work at a computer for extensive periods of time
Must have the ability to read (both paper and computer screen) for extensive periods of time
Must have the ability to listen and speak with internal external parties on the telephone for extended periods of time
Must have sufficient hand, arm and finger dexterity to operate a computer keyboard and other Company equipment

NB! This job is now closed. You can apply for other jobs by uploading your CV.

Similar jobs you might be interested in:

Cyber Security Engineer
Location: Johannesburg
Salary:
Brief Description:Are you an Cyber security Engineer with a passion for protecting digital assets and securing enterprise environments? Our clients are looking for skilled professionals to join dynamic teams and contribute to robust security initiatives.
Today

Systems Engineer (Unix/Solaris) - Hybrid
Location: Pretoria
Salary:
1 day ago

Systems Engineer
Location: Johannesburg
Salary: R250 Per Hour Hourly
Brief Description:Are you a Systems Engineer with solid Linux experience and exposure to cloud platforms like Azure or AWS? I’m working with multiple clients across the Telecommunications, Financial Services, and IT industries who are actively seeking professionals like you for exciting contract and permanent opportunities.
3 days ago

AWS Consultant Developer
Location: Midrand
Salary:
A global systems integrator and digital transformation expert focused on technology-enabled CX is seeking a talented AWS Consultant Developer to join their dynamic team.The AWS Consultant Developer will be responsible for delivering solutions using AWS technologies for customers in adherence to Company processes.
10 days ago

Senior Active Directory Specialist (Architect)
Location: Johannesburg
Salary: 500 Hourly
senior Active Directory Specialist
13 days ago

Network Engineer (Level 2)
Location: Roodepoort
Salary:
15 days ago

Senior Software Developer
Location: Centurion
Salary:
21 days ago

Senior Azure Solutions Architect
Location: Johannesburg
Salary:
We're Hiring: senior Azure Solutions ArchitectLocation: Johannesburg, South AfricaContract: 12-Month Fixed TermIndustry: Financial Services (Top-Tier Institution)Are you a seasoned Cloud Architect with deep Microsoft Azure expertise and a passion for building secure, scalable solutions? Join our team to lead enterprise-grade cloud transformation in a highly regulated environment.
20 days ago

IT Operations Manager
Location: Pretoria
Salary: 46000 Monthly
We're seeking a versatile IT Operations Manager to ensure the smooth, secure, and efficient running of our IT infrastructure across multiple sites. You'll manage systems, networks, cloud access, and security, while also supporting end users and automating tasks through scripting. From remote support to troubleshooting and performance optimization—you’ll keep our tech ecosystem running ...
29 days ago

SalesForce Integrations Developer | Pretoria
Location: Pretoria
Salary: R50 000 - R70 000
SalesForce Integrations Developer | Pretoria
48 days ago

Associate Security Auditor, Security Auditor, Security Auditor II, Senior Security Auditor

Similar jobs you might be interested in:

Create a free job alert for Associate Security Auditor, Security Auditor, Security Auditor II, Senior Security Auditor in Johannesburg