IT Audit Senior Specialist - Northwestern Mutual

See The Original Here

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

Were strong and growing.

We invest in our people. We care and make a positive difference. Whats the role? As an Administrative Assistant, you will provide critical administrative support to department leadership and their teams driving some of the highest priority strategic initiatives for the enterprise (this is highly visible, extremely dynamic, and strategically-aligned work!).

We care.

Summary

Responsible for planning & executing technology & cybersecurity audits, with an initial focus on regulatory-driven (Model Audit Rule) IT audits. Works on a variety of audits and projects encompassing cybersecurity, information technology, and help with overall development of a cyber and technology audit framework.

Primary Duties & Responsibilities

Independently conducts thorough risk analysis, control identification and audit program development. Independently concludes on the effectiveness of controls and control gaps based on the results of testing.

Interprets the associated risks with IT systems and processes. Begins to develop a holistic view of risk, develops testing approach, and proposes solutions.

Utilizes analytic technologies and data to enable agile methodologies and approaches to deliver increased efficiency and deeper insights on risk assurance.

Function as a member of the technology & cybersecurity audit team, with experience as both as an individual contributor and in team environments where collaboration and adaptability are important.

Handle multiple concurrent projects, meet established deadlines and quickly adapt to changing priorities, all while working under limited supervision.

Responsible for conducting cybersecurity design and effectiveness audits of IT systems, cloud environments (AWS, VMWARE), and network infrastructure to ensure compliance with internal standards aligning with NIST 800-53 and the NIST Cybersecurity Framework (CSF).

Remains current on cybersecurity auditing practices, cyber emerging threats, industry regulatory changes, and internal company policy and process changes.

Proactively interfaces with IT functional groups to enhance their understanding of the cybersecurity controls to drive improved security compliance and management of risk, and to strengthen effectiveness of cybersecurity controls.

Prepares and reports on audit recommendations and ensures they are accurately tracked in an audit repository.

Knowledge, Skills, Abilities

Bachelors degree in Accounting, Finance, Information Technology or another relevant field.

3+ years of technology & cyber audits experience with a professional services firm, an internal audit group, or similar environment.

Strong written and verbal communication skills with the proven ability to interact effectively at all levels within and outside the organization

Understanding of IT audit standards and frameworks (e.g., COBIT, ISO/IEC 27002, NIST) and data security and privacy regulations (e.g. CCPA, HIPAA)

Knowledge and understanding of auditing IT applications, and infrastructure (network infrastructure technologies (WAN/LAN), cybersecurity, active directory, backup & recovery, data centers, messaging, mobile technologies, remote access, storage, operating systems, virtualization services, etc.)

Excellent project management and organization skills ability to multitask.

Confidence and gravitas in working with and challenging stakeholders.

Excellent ability to develop and write impactful reports and presentations.

Demonstrated knowledge of the regulatory environment for Financial Services industry is a plus

Experience with large public accounting firms or large corporate internal audit team preferred

Relevant professional certification (e.g. CISA, CIPP, CISSP, CGEIT, CISM, CRISC, CIA, CPA) or the desire to actively work towards one preferred

General understanding of Model Audit Rule, SOX, or general controls direct experience preferred

Benefits

Great pay package, 401K, company sponsored retirement plan, educational assistance, performance based incentive pay, medical, dental and vision insurance, parental leave, caregiver time off.and more!

#LI-Hybrid

Compensation Range

Pay Range - Start

Pay Range - End

Northwestern Mutual pays on a geographic-specific salary structure and placement in the salary range for this position will be determined by a number of factors including the skills, education, training, credentials and experience of the candidate the scope, complexity as well as the cost of labor in the market and other conditions of employment. At Northwestern Mutual, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. Please note that the salary range listed in the posting is the standard pay structure. Positions in certain locations (such as California) may provide an increase on the standard pay structure based on the location. Please click

here

l information relating to location-based pay structures.

Grow your career with a best-in-class company that puts our client's interests at the center of all we do. Get started now!

We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.

If you work or would be working in California, Colorado, New York City, Washington or outside of a Corporate location, please click

here

FIND YOUR FUTURE

We're excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

Were strong and growing.

We care.

Summary

Primary Duties & Responsibilities

Independently conducts thorough risk analysis, control identification and audit program development. Independently concludes on the effectiveness of controls and control gaps based on the results of testing.

Interprets the associated risks with IT systems and processes. Begins to develop a holistic view of risk, develops testing approach, and proposes solutions.

Communicates audit issues and related recommendations in both technical and non-technical terms to Operational and IT management. Makes sound recommendations for audit finding rankings and effectively supports conclusions during discussions with audit clients.

Utilizes analytic technologies and data to enable agile methodologies and approaches to deliver increased efficiency and deeper insights on risk assurance.

Function as a member of the technology & cybersecurity audit team, with experience as both as an individual contributor and in team environments where collaboration and adaptability are important.

Handle multiple concurrent projects, meet established deadlines and quickly adapt to changing priorities, all while working under limited supervision.

Responsible for conducting cybersecurity design and effectiveness audits of IT systems, cloud environments (AWS, VMWARE), and network infrastructure to ensure compliance with internal standards aligning with NIST 800-53 and the NIST Cybersecurity Framework (CSF).

Remains current on cybersecurity auditing practices, cyber emerging threats, industry regulatory changes, and internal company policy and process changes.

Proactively interfaces with IT functional groups to enhance their understanding of the cybersecurity controls to drive improved security compliance and management of risk, and to strengthen effectiveness of cybersecurity controls.

Prepares and reports on audit recommendations and ensures they are accurately tracked in an audit repository.

Knowledge, Skills, Abilities

Bachelors degree in Accounting, Finance, Information Technology or another relevant field.

3+ years of technology & cyber audits experience with a professional services firm, an internal audit group, or similar environment.

Strong written and verbal communication skills with the proven ability to interact effectively at all levels within and outside the organization

Understanding of IT audit standards and frameworks (e.g., COBIT, ISO/IEC 27002, NIST) and data security and privacy regulations (e.g. CCPA, HIPAA)

Knowledge and understanding of auditing IT applications, and infrastructure (network infrastructure technologies (WAN/LAN), cybersecurity, active directory, backup & recovery, data centers, messaging, mobile technologies, remote access, storage, operating systems, virtualization services, etc.)

Excellent project management and organization skills ability to multitask.

Confidence and gravitas in working with and challenging stakeholders.

Excellent ability to develop and write impactful reports and presentations.

Demonstrated knowledge of the regulatory environment for Financial Services industry is a plus

Experience with large public accounting firms or large corporate internal audit team preferred

Relevant professional certification (e.g. CISA, CIPP, CISSP, CGEIT, CISM, CRISC, CIA, CPA) or the desire to actively work towards one preferred

General understanding of Model Audit Rule, SOX, or general controls direct experience preferred

Benefits

Great pay package, 401K, company sponsored retirement plan, educational assistance, performance based incentive pay, medical, dental and vision insurance, parental leave, caregiver time off.and more!

#LI-Hybrid

Grow your career with a best-in-class company that puts our client's interests at the center of all we do. Get started now!

FIND YOUR FUTURE

Written by: