Jobs for People with MS: National MS Society

This role will be responsible for performing risk assessments and internal audits, including associated tasks (e.g., risk assessment, data collection and filing, issue/risk log, timely reporting of results, etc.). The activities include working with cross functional teams to ensure the appropriate design and effectiveness of Cornerstone controls, coordinating internal assessments/audits, contributing to policy and standards updates, responding to customer assessment/audit requests, and producing risk/audit/compliance reports, metrics, scorecards and dashboards.

In this role you will..

• Work closely with the global Security and Compliance Team to implement security standards across the organizationPerform IT audits, security compliance and risk assessments in all areas of the organization in line with the global Internal Audit schedule

• Ensure audit findings and evidence are collected, reviewed, remediated, and presented in a clear and concise mannerDocument quality audit procedures, recommend remediation plans and liaise independently with stakeholders to validate implementation

• Publish and present timely and quality audit reports and risk assessments

• Interface and partner with cross functional leaders from engineering, operations, IT and other functions on designing effective controls to improve security compliance and manage risk

• Identify business, cybersecurity and technology risks, evaluate internal controls to treat risks, and develop opportunities to continuously improve internal controls

• Work with control owners to ensure control objectives and activities meet compliance standards for effectiveness and evidence, and ensuring operational efficiencies

• Work with Cornerstone’s external audit partners and cross functional teams to schedule appropriate internal audit testing and/or risk assessments

• Recommend updates to security policies, standards and procedures to address new industry practices, requirements and standards based on security and compliance requirements

You’ve got what it takes if you have..

• More than 3 years of experience in information security, compliance, audit and/or risk management

• Experience performing IT / Information Security audits

• Experience in auditing IT general controls, including logical security, physical security, change and problem management, data backup, and disaster recovery

• Experience performing security risk assessments and developing risk mitigation strategies

• Adequate knowledge of latest security tools, technologies and control best practices for I&AM, encryption, system hardening, anti-malware, data leakage prevention, IDS/IPS, network architecture security, vulnerability management, etc.Experience with major security frameworks (e.g., ISO 27001, SSAE 18, NIST, PCI DSS)

• Exposure to auditing and/or securing leading cloud PaaS technologies platforms such as Amazon AWS, Google Cloud and Microsoft Azure

• Maintain or planning to obtain professional certifications, such as CISA and ISO 27001 Lead Auditor/Implementer

• Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism

• Excellent data analysis, documentation and articulation skills

• Excellent communication, presentation and collaboration skills

• Proficient with Microsoft Word, Excel, Access and other MS Office tools

• Demonstrated commitment to valuing diversity and contributing to an inclusive working and learning environment

• Consideration for privacy and security obligations

#LI-Onsite

Equal Employment Opportunity has been, and will continue to be, a fundamental commitment at Cornerstone OnDemand. All qualified applicants are given consideration regardless of race, color, gender, age, sexual orientation, national origin, marital status, citizenship status, disability, veteran status, or any other protected class as provided in applicable Federal, State, or Local fair employment laws. If you have a disability or special need that requires accommodation, please contact us at careers@csod.com