CBRE is seeking an IT Audit Manager, with a focus on cybersecurity, to join a growing team in Dallas, TX. With a fun work culture and excellent growth opportunities, this position will give you a unique opportunity! Across the Global Enterprise, Internal Audit is implementing a new agile approach to better meet the evolving needs of the business. This individual will possess advanced cybersecurity expertise, critical thinking skills and the ability to adapt to a fast-paced environment.
The cybersecurity IT Audit Manager will focus their efforts on developing iterative sprint deliverables, independently managing audits and ensuring high-quality outcomes of each audit. This role will have the primary responsibility of understanding, interpreting and executing business plans, as well as delivering insight to stakeholders and senior leadership.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Serve as a subject matter expert in auditing general and application controls across a variety of technologies and platforms using IS best practices and standards, including COBIT, ISO 27001, ISO 27005 and the NIST Cybersecurity and Risk Management Frameworks.
Keeps abreast of emerging information technology and cybersecurity risks and evolving standards and regulations and ensures that these are appropriately addressed in the department’s risk assessment and audit planning processes.
Perform internal cybersecurity audits and support other operational and IT audits as required.
Evaluate the effectiveness of design and operation of cybersecurity and IT controls.
Ensure audit records and documentation are accurate and compliant with applicable requirements.
Monitor corrective action plans to ensure they are created and completed in a timely manner.
Prepare governance metrics and other executive reporting requirements, as necessary.
Oversee and evaluate the overall delivery of the team and act to address issues when necessary.
Learn quickly, manage multiple priorities, coordinate work assignments with management throughout the organization and reliably meet commitments/deadline.
Provide informal assistance such as technical guidance and/or training to team members as necessary.
Adhere to department policies and procedures and assist with continuous improvement initiatives.
Coordinate and assign tasks to team members, including outsourced staff, within a team and/or project.
Conduct ad-hoc assignments with limited management oversight.
Travel up to 30% domestic and international.
Provide informal assistance such as technical guidance and/or training to a team of three to five co-workers on an engagement.
Hands-on experience auditing against NIST Cybersecurity Framework, NIST SP800-53, Federal Financial Institutions Examination Council or ISO 27001 standards.
Comfortable with complexity and able to grasp technical concepts easily.
EDUCATION AND EXPERIENCE
Bachelor’s degree in Computer Science/Engineering or similar field of study. Masters preferred.
Seven or more years of combined business and/or experience within an audit environment. Technical threat management, incident response, identity and access management, SDLC, or application security assessment highly preferred.
CERTIFICATES and/or LICENSES
Certified Information Systems Security Professional (CISSP) or similar advanced cybersecurity certification required.
Additional certifications preferred in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH), ISO 27001 Lead Auditor Certification, Certified Internal Auditor (CIA) or Certified Public Accountant (CPA).
Requires in-depth knowledge of cybersecurity and information technology risks, security and controls.
Excellent project management and interpersonal skills with the ability to make sound decisions, exhibit initiative and critical thinking.
Ability to make effective and persuasive presentations on complex topics to all levels of employees and/or public groups.
Requires a basic knowledge of Generally Accepted Accounting Principles (GAAP) and Financial Accounting Standards Board (FASB) regulations including a basic knowledge of financial terms and principles to include accounting methods (cash, accrual, and full GAAP).
Ability to solve advanced problems and deal with a variety of options in complex situations.
OTHER SKILLS AND ABILITIES
Proficient in Microsoft Office Suite including Word, PowerPoint, Excel and Outlook.
SCOPE OF RESPONSIBILITY
Decisions made with general understanding of procedures and company policies to achieve set results and deadlines. Errors in judgment may cause short-term impact to co-workers and supervisor.
Equal Opportunity and Affirmative Action Employer Women/Minorities/Persons with Disabilities/US Veterans
To apply for this position, please copy and paste the following link into your browser address bar: https://cbre.contacthr.com/74337011