Cyber Security Auditor II

LHC Group Houston , TX 77001

Posted 2 months ago

Cyber Security Auditor II

Location : Facility Name LHC Group Inc Home Office Requisition ID 2020-89656 Location : Postal Code 77001 Position Type Full-Time Work Schedule Normal (Based on FT, PT, PRN) CATEGORY ADMINISTRATIVE Location : City Houston Location : State/Province TX

Additional Details

  • Develop a strong understanding of LHC business, information technology and system processes.

  • Examine internal cyber security controls, evaluate the design and operational effectiveness, determine exposure to risk and develop remediation strategies.

  • Plan, implement, monitor, and upgrade security measures for the protection of the organization's assets to maintain confidentiality, integrity, and availability.

  • Participate in the LHC's change management process.

  • Conduct integrated information technology audits, including but not limited to pre/post-implementation phases, privacy, data governance, and cybersecurity reviews using accepted audit and risk assessment frameworks adopted to the LHC environment.

  • Test and identify vulnerabilities, and create countermeasure and mitigation recommendations'/strategies to protect LHC assets.

  • Conduct efficient and effective audit procedures.

  • Communicate complex technical issues in a simplified manner to relevant staff and management.

  • Plan, execute, and document the audit plans. Generate final report showing compliance with LHC cyber security controls. Assure that audit issues and associated root causes are understood, well defined and presented in understandable manner.

  • Perform regular audit control testing and provide recommendations.

  • Review, evaluate, and test information technology application controls.

  • Build automation to simplify the audit control verification and assessment.

  • Provide recommendations and guidance on identified security and control risk.

  • Provide weekly status and metric reporting on work performed and audit control verification.

  • Contributes to drive efficiencies and enhancement opportunities to existing auditing processes and techniques, using data analytics, automation, and other process improvement techniques and ideas.

  • Contributes to budgeting and fiscal management processes.

  • Other duties as assigned.


Required Experience and Qualifications

  • 3+ years' experience as a cyber-security auditor; health care experience preferred.

  • Bachelor's Degree in Information Technology/Computer Science or related degree

  • Working knowledge of NIST CSF, 800-53, ISO 2700X, SOC2 security frameworks

  • Experience with Active Directory, IIS, Windows servers, SQL Server, Firewalls, Routers, WAPs, End Point Security, Virtualization Technologies, VPN, Asset Management, Patch Management, Vulnerability Scanners, Kali Linux, . . .

  • Working knowledge of .Net and/or Powershell

  • Ability to work in a fast paced environment

  • Strong attention to detail with an analytical mind and outstanding problem solving skills.

  • Great awareness of cyber security trends and hacking techniques

Desired Qualifications

  • Certified Information Security Auditor (CISA) certification

  • Certified ISO/IEC 27001 Lead Auditor

  • Cybersecurity Forensic Analyst (CSFA) certification

  • Certified Risk and Information Systems Control (CRISC)

  • Certified Ethical Hacker (CEH)

  • Proven experience in planning and validating Business Continuity

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Consulting Senior Consultant Cyber Security Identity & Access Management

Ernst & Young LLP

Posted 1 week ago

VIEW JOBS 1/9/2021 12:00:00 AM 2021-04-09T00:00 In a rapidly changing IT environment, clients from all industries look to us for trusted solutions for their increasingly complex risks and vulnerabilities. As a part of our Identity and Access Management (IAM) team you'll be right at the heart of that goal, helping clients gain insight and context to their complex IAM environments and assessing, improving, and building infrastructure, processes and policies in order to meet the client's IAM needs. You'll get to use your technical and business skills in order to help us drive this mission and have an impact on cyber security at a global level. The opportunity We currently have a career opportunity for a Senior to be responsible for leading projects or elements of multiple client engagements including service delivery, business development, and related activities. You'll work alongside respected industry professionals, learning about and using the latest tools and techniques to identify and overcome some of the most relevant and pressing security issues in the world. Your Key Responsibilities Our IAM services assist our clients in aligning security management strategy with business goals by managing who has access to which resources and services, as well as enforcing business, privacy, and security policies. Supported by our strategic alliances with third-party vendors, our experienced professionals can provide broad services including: strategy, assessment, testing, and implementation of IAM solutions. Based on your existing experience, knowledge and ambitions, you could have the opportunity to gain experience across a number of our IAM teams, assessing and delivering foundational components of our services. Some of these teams include: Within the Identity analytics & intelligence team, you'll perform assessments in the following areas: * Current state assessments & Application access assessment * Capability maturity and benchmarking assessments * IAM data analytics The IAM strategy team is all about developing IAM strategy and road map comprising of: * Operating model and governance * IAM policies, procedures and standards On our Identity & access transformation team, you'll provide clients with the following: * Design and architecture * Process design and re-engineering * Cloud and mobile apps access management * Access enforcement implementation * Access administration implementation * Elevated access management Also you will help support the Identity and access governance team in: * IAM program management assistance & Privileged access management * Roles and rules management * SOD management and other IAM compliance related activities Skills and Attributes for Success * Knowledge of the current security environment and industry trends to identify engagement and client service issues, communicate this information to the engagement team and client management through written correspondence and verbal presentations * Work closely with engagement manager to co-lead and own multiple parts of the engagement delivery * Ability to consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget To qualify for the role you must have * A bachelor's degree in a related field and approximately 2-3 years of related work experience; or a graduate degree and approximately 2 years of related work experience * Experience in one or more of the following: * user provisioning and identity management solutions including design or implementation of user provisioning technologies (such as CA eTrust Admin, IBM Tivoli Identity Manager, Securonix, Saviynt); * role-based access control including design and development of user access roles; * directory services products including design or implementation (such as Radiant Logic) * web access control solutions including design and implementation of products (such as RSA Cleartrust, CA/Netegrity Siteminder); analysis of Segregation of Duties * An understanding of access control concepts including directory services, SAML, LDAP, PKI * Experience in process definition, workflow design, and/or and process mapping * A valid driver's license in the US and a valid passport required; willingness and ability to travel internationally and a willingness to travel; travel is estimated at 60-80% Ideally, you'd also have * Strong presentation and communication skills * CISSP, CISM, CISA, CIPT, CIPM, CRISC or other relevant certification desired What we look for We're interested in intellectually curious people with a genuine passion for cyber security. With your broad exposure across IAM, we'll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you. What working at EY offers We offer a competitive compensation package where you'll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, both pension and 401(k) plans, a minimum of three weeks of vacation plus 10 observed holidays and three paid personal days, and a range of programs and benefits designed to support your physical, financial and social wellbeing. Plus, we offer * Support, coaching and feedback from some of the most engaging colleagues around * Opportunities to develop new skills and progress your career * The freedom and flexibility to handle your role in a way that's right for you * A rewards package tailored to your unique needs About EY As a global leader in assurance, tax, transaction and advisory services, we're using the finance products, expertise and systems we've developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we'll make our ambition to be the best employer by 2020 a reality. If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible. Join us in building a better working world. Apply today. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law. Ernst & Young LLP Houston TX

Cyber Security Auditor II

LHC Group