Security Analyst - Internal Control Testing
Des Moines, IA 50309 | Direct Hire
A leading global provider of banking and financial solutions is seeking an experienced IT Security Analyst, with experience in COSO internal control testing, for an exciting career opportunity in the Des Moines, IA metro area.
The ideal candidate will have at least 3-4 years of COSA internal control testing experience in the banking and/or financial services industry.
- Analyzing and evaluating information technology (IT) security risks and controls
Assessing compliance of COSO based policies for IT controls impacted by internal controls over financial reporting (SEC and Regulatory Reporting)
- Performing COSO testing of key ITACs and ITGCs, including design effectiveness assessments and operating effectiveness testing
- Strategic planning for on-going IT control compliance with COSO policies
- ? Performing IT audits, IT risk reduction recommendations, general IT control reviews, Service Organization Control (SOC)/ SAS 70 audits
- Implementing solutions based on control weaknesses
- Developing policies and procedures as it relates to information systems controls
- 4-5 years of experience in COSA IT security control testing in the banking and/or financial services or investment industries.
- Must have experience conducting IT Audits, information security assessments and IT system control testing.
- ? Must have experience with COSA policy process and control testing.
- Experience with major ERPs (Oracle, PeopleSoft, MS Dynamics, NetSuite, JDE, etc.) i a nice to have.
- Experience with major operating systems and databases?
- Strong verbal and written abilities
- Strong multitasking and project management skills
- Knowledgeable regarding Sarbanes-Oxley Act, Service Organization Control
- Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices
Education and Certifications
- Bachelor' s degree in MIS, Business or Accounting
- COSA Internal Security Control Certification highly desired.
- CISA, PPM, CISSP, GIAC and/or relates security audit certifications are highly desired.