Job Description
In a specialized auditor role, an information security auditor is responsible for evaluating and reporting on the security and effectiveness of IT systems and related controls in support of organizational information/data security, IT systems, and their components. The audit conducted is often reported to a senior manager with recommendations for changes or improvements.
Responsibilities:
● Providing an independent or internal review of security controls and information systems.
● Testing the safety and effectiveness of individual components of cybersecurity defenses.
● Providing an overview of the audit process.
● Executing Information Security audits.
● Evaluating internal security systems, controls, and policies.
● Ensuring compliance with applicable laws and regulations.
● Writing technical reports that analyze/interpret audit results.
● Writing stakeholder reports that use accessible language to explain the process and recommendations.
● Information security internal auditing.
