IT Security Consultant & IT Auditor

IT Security Consultant and Internal Auditor
Locations (Tampa, St Petersburg, Bradenton, Sarasota), Atlanta, Boston

OPPORTUNITY:

Our client is a leading provider of business consulting services throughout the United States and
Canada. We specialize in assessing, designing, and implementing best practices in business
processes, internal controls, information security and technology. Our premier security services
are renowned in the marketplace; as a result we are experiencing significant growth. To support
this expansion, we are looking for experienced consulting professionals in the fields of IT
Security, Privacy and Risk Management.

DUTIES & RESPONSIBILITIES:

The ideal candidate should possess a broad skill set and have the capacity for learning required
for sustainable career growth. The responsibilities that you will be given will make the most of
your strengths, and challenge you to develop even further in a supportive, team-focused
atmosphere. Duties may include:

Performing IT assessments of client environments, using defined, best practice IT
standards such as the Payment Card Industry Data Security Standard (PCI DSS),
COBIT, ISO27001, and various data privacy frameworks.
Designing, documenting, testing and remediating business process and general IT
controls in a wide range of technical environments and industries.
Preparing reports and other deliverables that contain strategy, technical analysis and
findings in connection with our advisory and assessment engagements and
communicating those results to client management.
Developing security, privacy and business continuity policies and programs.
Interacting effectively with co-workers and clients at all levels, as to foster and maintain
strong working relationships.
Travel, as needed, up to 50%.

EXPERIENCE & QUALIFICATIONS:

The ideal candidate should have the following:

One to five years of relevant experience in the field(s) of IT Consulting, Audit and/or
Security, Privacy or Risk Management
QSA, CISA, CISSP and CIPP certifications are a plus.
Understanding of or experience with regulatory standards including PCI, HIPAA,
Sarbanes-Oxley and privacy regulations such as state breach notification requirements,
MA 201 CMR, HITECH Act, US Safe Harbor, PIPEDA, PIPA, and EU Directive 95/46/EC)
are a plus.
Working knowledge of network, system, database and application-level security.
A degree or certificate in MIS, computer science or a related field.
Advanced written and verbal communication skills.
Qualities such as team-focus, dedication, resourcefulness, and an eagerness to learn.
Proficiency with the Microsoft Office suite of products, (i.e. Word, Excel, PowerPoint)