IT Audit – Access Reviews
Location : Short Hills, NJ – Remote
Length: 4+ months
Roles and Responsiblities:
- Project Manage engineering/IT/infrastructure (CTO) applications access review
- 27 applications (confirmed list will be provided)
- Ensure each system owner knows what they are responsible for and when they must deliver.
- Track the progress on their delivery.
- Ensure on time delivery.
- Ensure escalation if the team is not able to deliver due to technical or resource constraints
- Reporting system status in the review process to management on a daily basis (acknowledged, submitted, approved, etc.)
- Help identify Segregation of Duties for our systems and document that information
- Identify and document toxic access combinations for our systems and validate with the key business or tech stakeholders
- Identify and document privileged access combinations for our systems
- Identify methods to reconcile – identify toxic access combinations and remove them or create a control
- Educate the CTO org system owners on toxic access combinations and privileged access
- Identify ways to prevent toxic access combinations
- On-shore resources required
- SOC/SOX/MAR Experience
- HIPAA Experience
- Cloud experience required, AWS experience greatly preferred
- Must have a minimum of 4-5+ years of experience working on SOC/SOX/MAR IT controls, with the proven ability to think on their feet and operate independently in ambiguous environments with little-to-no oversight – Problem Solver / Fixer mentality.
- Can consistently identify compensating controls & mitigating strategies on their own. Can provide advice based on previous experience working for insurance clients/companies.