Senior Cyber Security Engineer

Description : Cyber Security Engineer - Senior (IT Risk & Audit Advisory)

Experience : 3+ Years

Employment Type : Full-time

Job Summary :

We are seeking a Senior Cyber Security Engineer whose expertise lies in IT Risk, Audit, and Advisory services. This role involves working directly with client executives and management teams to assess, manage, and optimize technology risks across their business systems. The Specialist will leverage industry frameworks (SOX, SOC) to perform internal audits and IT control assessments, providing strategic recommendations for business process and security improvements.

Key Responsibilities and Technical Focus :

Client Advisory and Risk Management :

- Work closely with client executives and management teams to understand their businesses and assist in identifying and managing financial and operational risks within their business systems to ensure technology risks are managed.

- Provide strategic business advice to clients by assisting in the implementation of new processes and controls that address key risks.

- Assess, manage, and optimize information technology risk across a wide range of areas, including cybersecurity, IT strategy and governance, IT regulatory and compliance requirements, and business continuity.

Audit Execution and Control Assessment :

- Review clients' processes and controls against industry frameworks (e.g., COBIT, ISO 27001), identifying gaps in design and execution, and communicating issues and recommendations to clients.

- Assist in the development of audit programs and the execution of internal audits and IT control assessments in the areas of :

1. IT strategy and governance

2. IT operations, business continuity, and disaster recovery (BCDR)

3. Cybersecurity

4. Third-party risk management

5. IT General Controls (ITGC) and application controls

6. SOC reporting (Service Organization Controls)

7. Regulatory and compliance requirements

Reporting and Documentation :

- Assist in drafting comprehensive executive summaries and final reports for delivery to the client, documenting and reviewing engagement work papers in accordance with industry-accepted internal audit methodologies.

- Act as a valued business advisor, build relationships, and communicate effectively with the client to provide superior client service.

Professional Development :

- Continue to develop your knowledge and experience working with a variety of technology environments, platforms, applications, and tools/utilities.

Required Qualifications & Skills :

Education : Bachelors degree in management/computer information systems, computer science, accounting information systems, computer engineering, industrial engineering, or a related program.

- Experience : 3+ years experience with IT audit or cybersecurity.

- Audit Exposure : Previous experience performing SOX (Sarbanes-Oxley) and SOC (Service Organization Controls) audits is preferred.

- Consulting Background : Experience as a client-serving professional for a consulting firm is highly desired.

- Certifications (Preferred) : Holding certifications such as CISA, CISSP, CISM, CIA, or CPA is strongly preferred.

- Core Competencies : Excellent analytical, technical, and problem-solving skills, with strong attention to detail.

Preferred Skills :

- Demonstrated desire to continually grow, learn, and develop skills and knowledge through external and internal education.

- Strong entrepreneurial skills to network and build strong relationships internally and externally with clients.