Cybersecurity Auditor

About the position

The Cybersecurity Auditor will be the subject matter expert in all audit matters related to cybersecurity as well as support of technical audit and advisory projects for existing technologies as well as emerging - across infrastructure, security, and network domains including on-prem solutions and cloud. With technology supporting every facet of our company, this role will require close collaboration with members of the Cboe Internal Audit team to support not only IT audit centric projects, but the execution of operational, regulatory, or advisory projects. The other key responsibility of the successful candidate is driving the Internal Audit Department's continuous improvement initiatives including, but not limited to, cybersecurity auditing and assurance techniques, the design and development of process automation, data analytics, machine learning, and system integration in support of the global Internal Audit plan.

Responsibilities

• Leading and supporting the execution of technical IT audit or advisory projects in accordance with internal audit and department standards.
• Serve as a primary interface between Information Security and Internal Audit for all security related audits and findings including any penetration testing.
• Investing time gaining a thorough understanding of Cboe's technologies and processes.
• Applying that knowledge to perform risk-based planning and scoping.
• Assessing IT and cybersecurity process risks and controls/requirements.
• Developing and applying different audit methodologies and tests.
• Providing formal feedback focused on addressing root cause of identified issues.
• Providing ongoing oral feedback or challenge regarding technical IT risk and controls topics.
• Assisting in the development of the annual audit and resource planning process, including linking Cboe's strategic initiatives to technology risks.
• Working with stakeholders across Cboe's global IT environment to meet company objectives.
• Anticipating and proactively addressing project issues or concerns, applying thoughtful judgment and elevating to management as appropriate.
• Monitoring the status and resolution of open audit issues and action plans.
• Supporting regulatory and compliance requests related to technical IT audit requests and/or projects.
• Introducing and implementing new ideas or concepts - i.e., agile audit methods, continuous auditing, data analytics, and automation.

Requirements

• Bachelor's degree required, preferably in Computer Science, Computer Engineering, Cybersecurity, Information Systems or other technical related field.
• Minimum four years of experience in a technical field; Cybersecurity preferred.
• Possessing a minimum of one active technical IT-related certification such as Security+, CISSP, CISA, GCCC, CISM, CISMP or related certification.
• Proven ability to learn new technology concepts quickly and ability to develop global solutions for complex IT risks.
• Ability to navigate through ambiguity, manage and coordinate multiple project assignments in a deadline-driven environment, and accept ownership of the process and results.
• Strong analytical problem-solving skills with attention to detail and accuracy; able to work independently.
• Strong knowledge of cybersecurity process domains and related frameworks (e.g., NIST, CIS, ISO) and architecture, including cloud security.
• Strong technical knowledge at the application, network, operating system, and database layers (e.g., Windows, Linux or UNIX-like operating systems, Postgres SQL, Python).
• Excellent oral communication skills.

Benefits

• Fair and competitive salary and incentive compensation packages with an upside for overachievement.
• Generous paid time off, including vacation, personal days, sick days and annual community service days.
• Flexible, hybrid work environment, where you choose where and how you work.
• Health, dental and vision benefits, including access to telemedicine and mental health services.
• 2:1 401(k) match, up to 8% match immediately upon hire.
• Discounted Employee Stock Purchase Plan.
• Tax Savings Accounts for health, dependent and transportation.
• Employee referral bonus program.
• Volunteer opportunities to help you give back to your communities.
• Complimentary lunch, snacks and coffee in any Cboe office.
• Paid Tuition assistance and education opportunities.
• Generous charitable giving company match.
• Paid parental leave and fertility benefits.
• On-site gyms and discounts to other fitness centers.