Information Systems Auditor Job in San Francisco 94103, California US
Advent Software, Inc.(NASDAQ:ADVS), the leading provider of automated solutions for investment professionals, is seeking an experienced information systems security and controls auditor to join the risk management, security, and audit function.
Job Responsibilities
- Actively participate in the planning, organization, execution, and documentation of Information Technology audits, including development of audit programs
- Manage the planning and execution of annual Sarbanes-Oxley audit of IT general controls
- Evaluate the IT controls, processes and the associated IT and business risk of the Company
- Work closely with external auditors
- Manage the design, planning, execution, and production of the annual SOC1/SOC2 audit of the data processing systems
- Perform IT applications security reviews of new IT products and services to ensure adequacy of security, regulatory compliance, and conformance with IT general controls
- Prepare and deliver security awareness training and topic workshops to Advent personnel, partners, and vendors
- Maintain working knowledge of security products to identify and scope opportunities for deployment
- Monitor and report on privacy and security legislation, regulations, and standards
- Manage the IT security program, policies, and general controls, including policy maintenance, training, and compliance monitoring
- Work with multiple functional areas to develop and implement security improvement initiatives
- Create and deliver high quality communications to clients on security, compliance, and audit issues as needed
- Work with client vendor management groups on questionnaires, and site inspections
- Perform and analyze vulnerability assessments and penetration tests using generally accepted tools and OWASP/MITRE. Analyze results and recommend remediation.
- Research and implement penetration testing and secure coding tools
- Perform IT risk assessments and security reviews as needed
- Perform and document internal audits of components of Advent's business continuity and disaster recovery program as needed
- Review and certify periodic secure equipment retirements and recycling in accordance with industry standards
- Design and execute procedures to determine the operational effectiveness of internal controls
- Maintain and update controls documentation ensuring proper support for changes and test results
- Domestic and international travel to Advent offices, data centers, conferences, and events is required
Qualifications Requirements
- Experience with IT risk assessments, control auditing, and IT security assessments
- 5-7 years professional experience with 2-5 years of security, non-public personal data privacy, and information systems auditing is preferred
- Experience with IT General Controls, the requirements of Sarbanes-Oxley Section 404, Auditing Standard #5, and internal control frameworks
- Experience with creating SAS70/SOC1/SOC2 reports a plus
- Comprehensive understanding of the IT risk management and security field
- Knowledge of security frameworks and compliance regulations
- Experience with the phases of the software development lifecycle is preferred
- Experience with intrusion detection and systems and event management tools is preferred
- Experience with vulnerability scanning and penetration testing tools is preferred
- Competencies:
- Demonstrated planning and execution skills with attention to detail are required
- Experience working with customers in a demanding environment
- Superior communication skills, both written and verbal
- Strong interpersonal skills and team player to build and maintain business relationships throughout the company
- Ability to think and work analytically, including strong problem solving skills
- Ability to develop and clearly document new policies and procedures
- Must be capable of working with limited direct supervision
- Certification in security, risk management, or information systems auditing from ISACA, (ISC)2, SANS, CompTIA or equivalent strongly preferred
- Knowledge of computer security issues, including network and host application vulnerabilities
- Experience in Oracle Financials, UNIX, Windows 2008, Linux, C#, or .Net strongly preferred
- Bachelor’s degree in a field involving analysis and problem solving is highly preferred
If you enjoy working with knowledgeable, success oriented people, for a company that both challenges and respects its professionals then apply today.
Why work for Advent?
- Experience
- 25+ years of successfully providing mission critical, reliable, trusted solutions to investment management organizations of all sizes
- Stability
- 4,500 clients worldwide with over $16 trillion managed with our systems
- Offices located in San Francisco, New York, Boston, London, Amsterdam, Stockholm, Dubai and Beijing
- Innovation
- Commitment to innovation, which is inspired by client and industry needs
- Reputation
- Ranked in the top 15 on the list of 100 Best Places to Work in the Bay Area by the San Francisco Business Times- 5th year in a row!
- Advent has made the San Francisco Business Times’ Top Corporate Philanthropists in the Greater Bay Area list 2009, 2010 and 2011
This is a full time, salaried staff position with Advent Software, Inc., where highly skilled professionals power the market in automated solutions for investment professionals. A competitive compensation and comprehensive benefits package includes equity compensation, 401(k) w/match, employee stock purchase, and domestic partners coverage. For over 25 years, Advent has revolutionized professional money management. Join us as we shape the future of the financial services industry.
Local applicants strongly preferred.
Principals only please. NO AGENCY CANDIDATES WILL BE CONSIDERED. Please apply direct to Advent. No phone calls please.
Advent Software, Inc. is an equal opportunity employer, committed to a diverse workforce.
June 9, 2009
• Tags: California Us, Information Systems Auditor Job in San Francisco 94103 • Posted in: General