Information Security Auditor

The successful candidate will be fully conversant with the design, testing, and maintenance of internal controls in support of Andesa’s SOC-1/SOC-2/SOC-3 audits including: Organization & Management, Risk Management, Monitoring, Logical/Physical Access, System Operations, Change Management, Network Security, Backup & Recovery, and Processing Integrity.

Primary Responsibilities:

Coordinate SOC-1, SOC-2, and SOC-3 reviews with external auditors.
Manage the quarterly Internal Control Questionnaire (ICQ) process designed to assess the design and operating effectiveness of existing controls.
Design and execute tests of key controls.
Assign control activities to “owners” and ensure that they carry out these activities.
Educate control owners, as appropriate, to ensure understanding of controls assigned.
Periodically report to management on the state of IT controls including control deficiencies in need of remediation.
Provide a sound basis for the “Management Assertion” in the SOC reports.

Essential Skills:

Outstanding written/oral communication skills with the ability to foster and maintain inter-departmental working relationships.
Comprehensive understanding of preventive & detective internal controls with an ability to identify control gaps and support remediation.
Ability to work independently, as well as, within a team environment.
Exhibit strong time management skills and work towards deadlines.
Knowledge of Auditing & IT Auditing.
Ability to create and maintain structured work papers and controls documentation.

Education, Training and Experience:

Bachelor degree in Auditing, Information Systems, Accounting, or equivalent experience.

Two to five years relevant work experience (Auditing, IT Controls, etc.)
Appropriate professional certification preferred – e.g. CISA, CPA, or CISSP.

We offer a well-rounded compensation package including:

Fully paid Health Insurance (medical, prescription, dental, and vision)
401K with company matching contributions
Generous paid time-off policy
Wellness Expense Reimbursement
Professional Development Expense Reimbursement
Child Care Stipend
Life and Disability Insurance

If this position sounds interesting, please click APPLY ONLINE to submit your resume for consideration. Kindly include SALARY REQUIREMENTS or current compensation.

Contact Us
- Name*
- Title
- Email*
- Phone
- What can Andesa do for you?*
- Sign up for our email newsletter
- Email
  This field is for validation purposes and should be left unchanged.
Testimonials
Read Success Stories

“We appreciate the partner relationship that we have with Andesa, rather than a typical vendor and client business arrangement.”

“The Andesa staff is exceptional. They have helped me and my team tremendously over the past year.”

“Andesa has responsive personnel who care about making things right.”

“Andesa is continually thinking of ways to make our jobs easier.”

“Andesa’s flexibility and knowledge of our product line, coupled with overall industry knowledge, makes doing business easy.”

“The client service at Andesa continues to blow my expectations out of the water. They are knowledgeable, responsive and could not possibly deliver better service to me and my team.”

“Thank you to the Andesa team for an exceptional job done with the conversion.”

“The Andesa Policy Administration system is a big improvement from our old system.”

“Andesa has many talented and professional staff members. They are quick to respond to issues and work hard to resolve them.”

“We can change priorities quickly and Andesa is able to react as needed. Andesa is always looking for ways to improve the solutions they offer.”

“Andesa gave us good solutions that we can use — or our clients can use — to make the whole process better.”

“I like the fact that the Andesa Policy Administration system lets me find all relevant information on one page, rather than 100 screens. It’s a lot easier.”

“Andesa has a client-oriented staff that can adapt to our business needs and is willing to think outside the box.”

“Andesa works to meet all timelines and shows a committed effort to helping the customer.”

“Andesa has been outstanding in working through the challenges with respect to our project. I am particularly impressed by the ability to problem solve and deliver on commitments.”

“Andesa, in my mind, exemplifies how a business partnership should work. They’re certainly interested in our success – the more successful we are at maintaining our business, the better it is for them.”

“We’ve had a very successful first week on the Andesa system. Associates are feeling upbeat, have provided extremely positive feedback, and are impressed with the ease of use and accurate processing.”

“All of the on-demand, web-based solutions make Andesa’s services easy to use.”

“Andesa does a great job of recovering and reacting. Any time I have ever had a critical need, it was addressed immediately.”

“Andesa approaches the engagement in the spirit of a true partnership.”

“The Andesa Policy Administration system makes more reporting data readily available. It is also much easier to run a report at any level, and get all the groups and sub groups.”

“Issuing policies in bulk is a real pleasure.”

“Andesa has flexible systems and a knowledgeable and responsive staff.”

Prev Next

Information Security Auditor

Contact Us

Testimonials

RECENT NEWS

NYDFS 23 and NYCRR 500

Andesa Services