Senior Information Security Compliance ManagerApply
CBS Interactive is the premier online content network for information and online operations of CBS Corporation as well as some of the top native digital brands in the entertainment industry. Our brands dive deep into the things people care about across entertainment, technology, news, games, business and sports. With over 1 billion users visiting our properties every quarter, we are a global top 10 web property and one of the largest premium content networks online.
Check us out on The Muse to get an inside look into #LifeAtCBSi through employee testimonials, office photos and company updates.
- Team up with IT Process Owners to identify/improve and document detailed controls and supporting documentation evidencing control operating effectiveness for key application, security and infrastructure components.
- Participate in planning, scheduling and preliminary analysis for all internal and external audit projects.
- Coordinate audit activities including notification and scheduling for all affected parties of audit timing, scope, objectives, approach and deliverables.
- Work closely with external auditors and internal audit teams on managing and supporting the audits.
- Identify, document, and map technology processes and internal controls of applicable technology infrastructure and operational areas per the scope of the audit project.
- Perform risk assessments of technology infrastructure and operational processes and controls for assigned areas.
- Complete audit testing, inquiry, observation and other analysis required to meet objectives of audit projects.
- Keep existing policies and procedures aligned with audit and security requirements
- Communicate progress and results of audit throughout the audit engagements.
- Develop value added recommendations to deal with issues identified during assigned audits and draft audit reports to formally communicate the results of the audit and related recommendations.
- Monitor implementation of outstanding audit recommendations and validate their implementation.
- Serve as a member of the Technical Leadership Team, proactively partnering with peers to make decisions that drive growth and propel CBSi forward
- Bachelor’s degree in Information Systems or related field, or equivalent experience
- Certified Information Systems Auditor (CISA) and/or Certified in Risk and Information Systems Control (CRISC) strongly preferred. Other certifications add value such as Certified in Governance of Enterprise IT (CGEIT), Certified Information Security Manager (CISM), Certified Information Security Professional (CISSP), CPA, and/or CIA.
- Minimum 5 years of internal or external audit experience with Big 4 Audit Firms, with exposure to the following compliance frameworks preferred AT101 Type2 SoC1 and SoC2 (SSAE16), ISO2700x, FedRamp, COPPA, ITIL, NIST
- Knowledge base related to controlling and securing system platforms (including Unix and Windows), database platforms, endpoint platforms, and network infrastructures is preferred.
- Understanding of Cloud industry technologies and IaaS, PaaS, SaaS platforms preferred. Ability to quickly acquire and apply knowledge of changing technologies implemented is essential.
- Understanding of audit process/methodology, and risk management/advisory ability
- Ability to think analytically, communicate complex issues, and develop control recommendations.
- Effective written and verbal communication skills with the ability to present control analysis and recommendations with clarity and professionalism.
- Demonstrated track record of integrity, effective communication, commitment to teamwork, innovation, and excellence.