Information Security Analyst

NICE Systems - Sandy, UT

posted 4 months ago

Full-time - Entry Level
Remote - Sandy, UT
5,001-10,000 employees
Publishing Industries

About the position

At NICE, we don't limit our challenges. We challenge our limits. Always. We're ambitious. We're game changers. And we play to win. We set the highest standards and execute beyond them. And if you're like us, we can offer you the ultimate career opportunity that will light a fire within you. The Information Security Analyst will conduct internal audits focused on verifying and enhancing the company's compliance and information technology controls. This role involves facilitating third-party audits, coordinating with audit teams, and working closely with internal control owners. The analyst will be responsible for timely and effective audit planning, execution, and reporting, as well as conducting training and process analysis with control owners and operators. Additionally, the analyst will assist with other audit matters and projects, providing updates and escalating issues as necessary. In this position, you will act as a lead for future audit success by preparing internal control owners for external audits. You will help internal control owners scope appropriate evidence samples for external auditors and establish consistent and sustainable processes for conducting internal audits. Tracking and ensuring visibility of developing compliance framework standards will be a key responsibility, along with facilitating and conducting internal gap assessments and audit readiness assessments. You will assess inherent and residual risks, evaluate control designs, develop and execute audit tests, and document control narratives and walkthroughs. As a core member of the audit team, you will participate in all audit phases, assist team leaders and managers, and draft audit reports to present findings to management through status updates and closing meetings. Your role will also involve developing cost-justified, value-added management actions and effectively handling larger and more challenging workloads on successive assignments. Proficiency in the use of automated work papers and other departmental tools is essential, as is maintaining internal audit competency through ongoing professional development. You will also be expected to communicate effectively and professionally with customers both inside and outside of NICE CXone.

Responsibilities

  • Conduct internal audits focused on verifying and enhancing compliance and information technology controls.
  • Facilitate third-party audits and coordinate with audit teams and internal control owners.
  • Conduct timely and effective audit planning, execution, and reporting.
  • Conduct training and process analysis with control owners and operators.
  • Assist with other audit matters and projects as required.
  • Provide updates and escalate issues in a timely manner.
  • Prepare internal control owners for external audits.
  • Help internal control owners scope appropriate evidence samples for external auditors.
  • Establish consistent and sustainable processes for conducting internal audits.
  • Track and ensure visibility of developing compliance framework standards.
  • Facilitate and conduct internal gap assessments and audit readiness assessments.
  • Assess inherent and residual risks, evaluate control designs, develop, and execute audit tests.
  • Document control narratives and walkthroughs.
  • Assume core audit responsibilities in all audit phases.
  • Participate as a key team member on audit projects, having responsibility for complex areas.
  • Assist team leaders, managers, senior and staff auditors in accomplishing team objectives.
  • Identify and assess the impact of control deficiencies.
  • Draft audit reports and present findings to management through status updates and closing meetings.
  • Assist in the development of cost-justified, value-added management actions.
  • Handle larger and more challenging workloads on successive assignments.
  • Produce excellent results in audit projects across multiple business areas and for different team leaders.
  • Ensure effective and efficient execution of audits in conformance with professional and department standards, budgets, and timelines.
  • Maintain internal audit competency through ongoing professional development.
  • Participate in the review of co-worker's work.

Requirements

  • High School Diploma required.
  • Common entry-level information security certifications include CompTIA Security+, CISSP Associate, CEH, CISM, CISA, GSEC, CCT, ENSA, SSCP, Cisco Certified CyberOps Associate, or similar.
  • 2+ years of experience in information security audits.
  • Experience with compliance frameworks (GDPR, ISO 27000, Cyber Essentials, PCI-DSS, SOC 2 Type 2, etc.).
  • Experience testing compliance controls with control owners.
  • Strong written, verbal, and interpersonal communication skills.
  • High level of energy and the desire to work in a fast-changing environment.
  • Proficient knowledge of PCs and Servers -- Windows, Linux, and Unix preferred.
  • Experience in auditing the security of deployments in AWS and/or Azure environment.
  • Ability to plan and prioritize tasks efficiently and effectively.

Nice-to-haves

  • Experience in domestic & international privacy laws such as HIPAA, PCI, NIST security framework.
  • Familiarity with industry best practices and regulations for software and/or telecommunications industry.
  • Understanding of MaRISK, BaFin, BSI C5, IRAP.
  • Bachelor's Degree, Master's degree preferred.
  • CISSP, CISA, CISM or equivalent.

Benefits

  • Flexible work schedule with 2 days in the office and 3 days remote work each week.
  • Opportunities for professional development and career growth.
  • Collaborative and creative work environment.
  • Access to internal career opportunities across multiple roles and locations.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service