IT Security Auditor (SWIFT & CSCF Cybersecurity Framework)

Job Overview

  • Company Name: Teamrecruiter.com
  • Job Start Date: Thu, 24 Aug 2023 03:08:47 GMT
  • Job Type: Full Time - Permanent
  • Job Source: Careerjet

Job title: IT Security Auditor (SWIFT & CSCF Cybersecurity Framework)

Job description: One of our major clients is looking for an IT Security Auditor (SWIFT & CSCF Cybersecurity Framework)

Length: 20 days contract with the possibility of extension

Location: Remote, Ontario

‘The start date of this job is flexible, and in order to find the best candidate the job may remain open much longer than the date mentioned on this posting… or you may be asked to start sooner than the expected start date if you are able to do so!’

Please read the job description below. If this interests you, please send a MS-Word version copy of your resume (ASAP) along with a telephone contact number: E-mail to employed@teamrecruiter.com

Please mention the job title above in the subject line

The recruiter in charge of this role is Manvir

After you have submitted your resume via e-mail please complete the application for this specific job by clicking ‘Submit Your Resume for this Job’ at the bottom of this page to match your resume to the job.

If you are interested in further opportunities, why not also do a general registration in our database by visiting our website and clicking on ‘Database Registration’?

If you do not think you are a match for this opportunity, but know someone who is, feel free to forward this email to them and you will be eligible for a referral bonus upon a successful hire.

Requirements:

BACKGROUND

SWIFT requires an annual independent attestation to be performed by an external party assessor with the required designations and previous experience with the SWIFT framework. The Internal Audit team assists with this attestation annually by revising process control descriptions, gathering key documents and facilitating the assessment with process owners. An external “Lead Assessor” with the required industry-relevant professional certifications (as per SWIFT’s Independent Assessment framework) is needed to review and formally assess the mandatory controls.

SWIFT has specific requirements; therefore, the Proposed Assigned Persons (Resources) must have previous SWIFT experience and one of the industry-relevant professional certifications as set out below.

DUTIES AND RESPONSIBILITIES:

The key duties and responsibilities include, but are not limited to, the following:

Assess all mandatory controls as set out in the CSCF version of the applicable year, in line with architecture type and infrastructure. The assessor is to perform a point-in-time evaluation of control effectiveness.

Act as “lead assessor” and perform quality assurance work, including reviewing the working papers and audit evidence gathered by Internal Audit team.

Perform additional audit procedures, according to professional judgement and as required (e.g., interviews with the SWIFT team) to get comfortable with the results of the work performed.

Document their notes and assessment work in SharePoint online, according to IIA standards.

Review and complete the SWIFT CSCF Assessment Template for Mandatory Controls, obtaining adequate supporting evidence.

Complete and sign a completion letter confirming that the assessor was engaged by to assess compliance level against the Customer Security Controls Framework.

Provide a formal report describing the assessor’s clear confirmation of compliance for each mandatory control (including how they came to the compliance conclusion), along with documentation of observed implementation defects for non-compliance subject to remediation.

Qualifications:

KNOWLEDGE/ EXPERIENCE REQUIREMENTS:

The candidate must have the following requirements, at a minimum:

Previous knowledge of / experience performing SWIFT assessments;

At least five (5) years of experience as an Internal Auditor / IT Auditor / External Auditor or equivalent;

One of the following industry-relevant professional certifications: PCI Qualified Security Assessor (QSA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), ISO 27001 Lead Auditor or System Administration, Networking, and Security Institute (SANS) GIAC (Global Information Assurance Certification); and

Relevant experience, within the last 24 months, executing a cybersecurity-oriented operational assessment against an industry standard such as PCI DSS, ISO 27002, NIST SP 800-53, SOC-2, the NIST Cybersecurity Framework or simply CSP/CSCF. Other industry standards are permissible if they provide the same level of robustness.

Valid Reliability level security clearance

The following requirements are considered an asset:

Experience with SharePoint Online would be an asset.

Please note that this is the most up-to-date version of the job description available at this time. During the client interview you will receive additional information; variance may apply!

When you have some time please register in our database (5 minutes process) to be considered for future openings; the link is available on our website at http://www.teamrecruiter.com in the Candidate section. Please follow us on LinkedIn at https://www.linkedin.com/company/teamrecruiter.com/, or on Twitter at https://twitter.com/TeamRecruiter.

We thank all applicants for their interest. Only those who meet the qualifications will be contacted through telephone/email. You are encouraged to register with us in our database to be considered for future positions available.

Have a great day.

At Teamrecruiter.com we offer some of the most highly qualified professionals in the workforce. We dedicate an industry trained recruitment specialist to the following areas: IT, Finance, Admin, Sales, Executive Search and Contractors. If you would like to learn more about our full-service recruiting firm please visit our website at www.teamrecruiter.com.

CAMSC and ACSESS certified

“…All Offers are conditional on Client Post-Offer Conditions being met and removed by end client prior to written offer signing”

“Please note that emails from our Recruitment Firm may inadvertently be sent to your Spam Folder. When contacted regarding an employment opportunity, please keep an eye on your Spam/Junk Folder to avoid missing important communication.”

THE EMPLOYER OF RECORD FOR THIS ROLE WILL BE TEAM RECRUITER / SE.

Accommodations are available upon request for all individuals with disabilities taking part in the recruitment and selection process.
