Datasite is where deals are made. We provide the data rooms and SaaS technology used in M&A and other high-value transactions, to deliver projects in more than 170 countries. Carrying that success into the future is all about you. Your useful skills, your unusual experience, your unique ideas. Everyone here brings something unexpected. What's yours? Invest your talents in us, and we'll return the compliment.
The Information Systems (IS) Auditor serves as a trusted advisor when assessing internal systems and controls, as it pertains to ISO 27001. We are looking for a motivated self-starter who will work alongside compliance and risk teams to identify and verify risks to systems and data, and ensure teams are cognizant of any deficiencies and working toward addressing findings. In this position, the IS auditor will regularly review, evaluate and verify controls, and then document and report based on the state of the engagements.
Preferred location is Minneapolis, MN; remote based position with ability to work on-site when required.
- Maintain and support internal audit department practices and processes with detailed reporting and accompanying technology recommendations.
- Uncover, validate and document deficiencies in risk management, technology and cybersecurity practices.
- Work closely with Information Security leadership to ensure cybersecurity and audit policies and practices as defined in global and industry standards are aligned with an appropriate level of risk.
- Familiarity with one or more compliance standards, including Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), National Institute of Standards and Technology (NIST) and International Standards Organization (ISO) 27001.
- Be actively informed and engaged in upcoming and completed security projects across the business.
- Enforce a strong security culture mindset set forth by risk management, ensuring uniformity across technical teams, business units and employees.
- Foster strong relationships with internal business units and excel in risk management, technical controls and cybersecurity communication.
- Remain up-to-date on security threats, vulnerabilities and mitigations set forth by IT and security teams to reduce the corporate attack surface.
- Specify guidance on key risk indicators and ITGC testing methodology, validation and alignment with policies.
- Support and liaison with external examiners for assessments throughout the year and at end-of-year evaluations.
- Bachelor's degree in computer science, information assurance, or related technical field or business administration preferred, but not required.
- 2+ years' IT Audit or cybersecurity experience (or IT coupled with cybersecurity).
- Strong written and verbal communication skills across all levels of the organization.
- Skilled at working with diverse teams and promoting enterprise-wide risk management rigor and security-first culture.
- High level of integrity, trustworthiness and confidence to represent the company and risk management leadership with the highest level of professionalism.
- Project management, multitasking and organizational skills.
- Ability to preserves credibility with the team through sustained industry knowledge.
- Applicable knowledgeable with national and global cybersecurity policies, regulations and security frameworks.
- Demonstrated understanding and comprehension of a wide range of compliance and technology frameworks.
- Self-starter requiring minimal supervision.
- Highly organized and efficient.
- Demonstrated strategic and tactical thinking, along with decision-making skills and business acumen.
This job has expired.
- CISA highly recommended
- ISO 27001 Certified Practitioner recommended (or ability to obtain certification within 1 year)
- CISSP, CISM, CRISC preferable, but not required