hero

Accelerate your career.

Explore opportunities across TA's portfolio

Manager, Audit

Ivanti

Ivanti

Administration
United States · Remote
Posted on Saturday, May 11, 2024

Who We Are:

In today’s work environment, employees use a myriad of devices to access IT applications and data over multiple networks to stay productive, wherever and however they work. Ivanti elevates and secures Everywhere Work so that people and organizations can thrive.

While our headquarters is in the U.S., half of our employees and customers are outside the country. We have 36 offices in 23 nations, with significant offices in London, Frankfurt, Paris, Sydney, Shanghai, Singapore, and other major cities around the world.

Ivanti’s mission is to be a global technology leader enabling organizations to elevate Everywhere Work, automating tasks that discover, manage, secure, and service all their IT assets. Through diverse and inclusive hiring, decision-making, and commitment to our employees and partners, we will continue to build and deliver world-class solutions for our customers.

Our Culture - Everywhere Work Centered Around You

At Ivanti, our success begins with our people. This is why we embrace Everywhere Work across the globe, where Ivantians and our customers are thriving. We believe in a healthy work-life blend and act on it by fostering a culture where all perspectives are heard, respected, and valued. Through Ivanti’s Centered Around You approach, our employees benefit from programs focused on their professional development and career growth.

We align through our core values by locking arms in collaboration, being champions for our customers, focusing on the outcomes that matter most and fighting the good fight against cyber-attacks. Are you ready to join us on the journey to elevate Everywhere Work?

Why We Need you!

As part of the Compliance and Audit team, you will lead the execution of multiple functions and support daily activities of the program, included but not limited to: development, implementation, documentation/maintenance of policies and procedures, monitoring program compliance, investigation and tracking of incidents and breaches and insuring compliance with federal laws.

Critical Priorities Include:

  • Facilitate and manage Ivanti’s Audit Team, consisting of 10+ different frameworks for a total of 40+ different audits or certifications, as Audit Manager. Frameworks include:
    • ISO 27001, 17 & 18
    • SOC2
    • PCAOB Integrated Financial Audit
    • NIAP & BSI Common Criteria
    • FIPS 140-2 & 3
    • DoDIN APL (DISAs JITC, STIGs, etc.)
    • UK Cyber Essentials
    • CCN
    • FedRamp
  • Develop and implement audit methodology, processes, and templates.
  • Identify, track, and report on critical KPIs to leadership, including budget to actuals, deficiencies, quality and accuracy, and program improvement
  • Support and ensure quality of audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions.
  • Provide guidance on laws, regulations, policies, standards, or procedures to management, personnel, or clients.
  • Develop processes with the external audit group on how to share information regarding the continuous monitoring program and its impact on security control assessment.
  • Support audit team in becoming product and audit SMEs
  • Review existing and proposed policies with stakeholders.
  • Review or conduct audits of information technology (IT) programs and projects.
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
  • Review, conduct, or participate in audits of cyber programs and projects.
  • Provide leadership in the planning, design and evaluation of privacy and security related projects
  • Appoint and guide a team of IT security experts.
  • Prepare a plan of action and milestones based on the findings and recommendations of a security assessment report excluding any remediation actions taken.

The primary focus of this position in Information Security is: to develop and implement a consistent, predictable, and repeatable audit processes, demonstrated through tracking key metrics; ensure quality and accuracy of artifacts delivered to third-party assessors; transform the audit program to a vehicle for early identification and remediation of potential weaknesses; and reduce impact to key stakeholders and control owners.

To Be Successful in The Role, You Should Be Able to:

  • Successfully manage and lead an audit program ensuring compliance with regulatory requirements, compliance standards, internal policies, and mandates.
  • Lead and manage a team of auditors, assigning tasks, setting priorities, and providing guidance through the audit process.
  • Continuously evaluate and enhance audit methodologies, processes, and tools to ensure effectiveness and efficiency.
  • Support the development of security policies, training material, and other core documents.
  • Coordinate and manage onsite assessments with external stakeholders.
  • Manage a global team, with team members from varying geographical regions (flexible scheduling availability).
  • Coordinate with third-party auditors/assessors in managing audit program and treatment of potential deficiencies.

You Can Leverage Your Expertise to:

  • Assess and forecast manpower requirements to meet organizational objectives.
  • Monitor and assess the potential impact of emerging technologies on laws, regulations, and/or policies.
  • Interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives.
  • Coordinate with senior leadership of an organization to facilitate the sharing of risk-related information among authorizing officials and other senior leaders within the organization.
  • Advise authorizing officials, chief information officers, senior information security officers, and the senior accountable official for risk management/risk executive (function), on a range of security-related issues (e.g. establishing system boundaries; assessing the severity of weaknesses and deficiencies in the system; plans of action and milestones; risk mitigation approaches; security alerts; and potential adverse effects of identified vulnerabilities).
  • Coordinate their security-related activities with security architects, senior information security officers, system owners, common control providers, and system security officers.
  • Facilitate and support Audit Team in conducting comprehensive assessment of the management, operational, and technical security controls and control enhancements employed within or inherited by a system to determine the effectiveness of the controls (i.e., the extent to which the security controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system).
  • Provide an assessment of the severity of weaknesses or deficiencies discovered in the system and its environment of operation and recommend corrective actions to address identified vulnerabilities.
  • Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
  • Work independently and have the ability to prioritize conflicting demands from multiple business clients in an extremely fast-paced environment
  • Work across departments and business units to implement organization’s audit principles and programs.

You Should be Knowledgeable In:

  • Frameworks such as: NIST SP 800 Series, FISMA, ISO 15408, and ISO27001, and those indicated above
  • Leveraging technical and program management skills to plan, track, collaborate and report on regulated program deliverables
  • Tracking and driving remediation of control deficiencies and gaps identified internally and externally
  • Audit Program metrics and KPIs
  • Program / project management
  • Technical aptitude and fundamental understanding in software development

Other Qualifications:

  • Extensive professional experience in a similar role
  • Experience with communicating effectively and efficiently across diverse teams, through verbal and written exchanges
  • Project management experience, leading and organizing a team to complete a project within a specific time frame and budget
  • Confident in delegating tasks and consistent in tracking and monitoring progress
  • Industry certifications preferred (PMP, CISSP, CISM, CGEIT)

This job posting will remain active until a qualified candidate is identified.

At Ivanti, we are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, color, religion, sex, pregnancy (including childbirth, lactation and related medical conditions), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, and any other characteristic protected by applicable law. Ivanti believes that diversity and inclusion among our teammates is critical to our success as a global company, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool.

If you require special assistance for the best interview experience, please contact us at recruiting@ivanti.com.

#LI-PD1

#LI-Remote

PWDNET