Senior Cyber Security/Information Security Auditor - Chicago loop!

Buckingham Search - Chicago, IL

Are you experienced in Cybersecurity IT Audits and seeking an opportunity with a world-class organization in downtown Chicago? This might be the perfect role for you!

A Fortune 500 financial institution is hiring a Senior IT Auditor focused on Cybersecurity/Information Security to their robust IT Audit team!

Things to get excited about:

  • Annual reviews and bonuses
  • Ability to move to other teams or get promotions after one year in a position
  • Full dental, vision, life, disability insurance
  • 401k contributions on day 1. Match on day 90.
  • Pension Plan contribution
  • Alternate work options (work from home a couple of days a week after 90 days)
  • 20 PTO days, and all banking holidays
  • Family programs: including adoption assistance, Maternity leave, paternity leave, Lactation program, child development center on site, School visitation time
  • Tuition Reimbursement
  • Onsite gym and gym discounts across the city
  • Legal assistance, counseling, and other professional services


  • Establishes and develops strong working relationships and open communication with key stakeholders
  • Provides training, coaching, and auditing expertise to the audit team
  • Accountable for own assignments and holds others accountable for theirs including proactively managing expectations
  • Identifies risk and controls within processes, and provides risk assessment
  • Leads internal audit projects related to IT general controls, information security/cyber, pre/post system implementation, IT governance, and operational areas; drives consistency of methodology
  • Assists with the development of the audit budget and/or timeframe for how the audit will be completed based on the objective and risk of the areas covered within the engagement
  • Finalizes planning documents and conducts first level review of planning documents as required
  • Coordinates with other audit teams (business unit, regional, and specialist) to ensure evaluations of related areas occur timely and cover key areas within the audit
  • Demonstrates professional skepticism and comfort with questioning how certain processes are being performed in order to facilitate making improvements
  • Applies analytical skills to review information, performs assessments of the audit results, and evaluates the adequacy of controls
  • Reviews the work papers of the audit team members ensuring that departmental standards have been met
  • Communicates the audit status to business unit stakeholders and Audit Services management
  • Drafts findings and recommendations for the purpose of status updates, memos, and audit reports
  • Maintains technical competence by ongoing training, seeks development opportunities and applies new knowledge to daily work assignments


  • 4+ years of IT auditing and systems experience with a focus on information security and cyber security controls (e.g., NIST Cyber Security Framework controls)
  • Bachelor’s degree required
  • Solid understanding of Information Technology General Controls (ITGC) and non-ITGCs (e.g., Configuration Management, Vendor Management)
  • Solid understanding of Information Technology Service Management (ITSM) controls (e.g., Incident Management, Problem Management)
  • Skills as needed to perform testing of design and operational effectiveness of application controls (e.g., Interface Controls)
  • Knowledge of the operations, functions, and objectives of interfacing areas is required to properly audit operations, services, systems, workflow, and operational impact on other areas
  • Operates independently; has in-depth knowledge of business unit/function
  • Knowledge of systems software applications and databases common to the mainframe and distributed environments, such as UNIX, iSeries, and Windows is a plus
  • Understanding of networks, routers, and firewalls is also a plus
  • Certified Information System Audit (CISA) certification is preferred. Additional certifications such as Certified Information Systems Security Professional (CISSP), or other related certifications is a plus

Posted On: Friday, September 25, 2020

Apply to this job