Senior Manager - Information Security - IT Audit
- Location BENTONVILLE, AR
- Department Technology & Software Development
- Team Information Technology
- Employment Type Full Time
- Position Salary
- Requisition 762411BR
What you'll doAbout us:
What started small, with a single discount store and the simple idea of selling more for less, has grown over the last fifty years into the largest retailer in the world. Today, nearly 260 million customers visit our more than 11,500 stores under 65 banners in 28 countries and e-commerce sites in 11 countries each week. With fiscal year 2015 net sales of $482.2 billion, Walmart employs 2.2 million associates worldwide – 1.4 million in the U.S. alone. It’s all part of our unwavering commitment to creating opportunities and bringing value to customers and communities around the world.
Leads audit plan development for Information Security Audit engagements by identifying the technology behind the business process subject of the audit; identifying cyber risks threatening accomplishment of process objectives; determining the severity risks with regard to likelihood of occurrence and business impact; developing audit tests to assess the effectiveness of controls; employing data analytics technologies; assigning associates to execute portions of the technical audit plan.
Designing and developing strategies and tools to enhance audit efficiency and effectiveness leveraging IT industry expertise; applying relevant information security frameworks and best practices (for example ISO 27001/2, NIST, COBIT, OWASP Top 10, etc.) in areas of high complexity and emerging technologies.
Provides subject matter expertise in information security by ensuring comprehensive approaches to multiple audit projects; identifying IT audit work programs and control testing processes; developing and delivering training to internal and external teams; and reviewing technical aspects of audit projects.
Demonstrates ability to discuss and understand information security issues in areas such as vulnerability assessment, penetration testing, identity and access management, web application security, secure network architecture, data protection and internet networking in general (i.e. TCP/IP, DNS, routing, etc.)
Drives project deliverable completion by reviewing and overseeing the completion of audit workpapers, approving the severity and disposition of identified control weaknesses; reviewing compensating controls and offering recommendations on mitigation effectiveness; ensuring solution proposal, communication protocol, and communication effectiveness; leading closing conferences; and managing the follow up on remediation issues.
Leads technical functions to support information security audits by coordinating with process owners to identify and test controls; validating process documentation; analyzing IT and business information to identify improvement opportunities; working with the company's external auditors to ensure testing of regulatory compliance controls (Sarbanes-Oxley IT General Controls program); determining the technical components to be evaluated as a result of business compliance requirement and testing methods; and building foundations for aligning approach and technical scope with the company's external auditors. Maintains and advances industry expertise by reviewing new technologies; and participating in continuing education and training (for example, relevant industry certifications, forums).
Provides supervision and development opportunities for associates by selecting and training; mentoring; assigning duties; building a team-based work environment; establishing performance expectations and conducting regular performance evaluations; providing recognition and rewards; coaching for success and improvement; and ensuring diversity awareness.
8 plus years of experience in information security with internal audit emphasis preferred
2 years of supervisory experience.
Information systems certification or licensure (for example, Certified Information Systems Security Professional (CISSP), Certified Information System Auditor (CISA), Certified Information Systems Manager (CISM)).
Financial certification or licensure (for example, Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Fraud Examiner (CFE)).
1 year of public accounting experience in assurance or internal audit.
"I feel like my manager wants to help me become a better developer and a better person overall."
Hello, NW Arkansas
With over 200 miles of trails, an emerging locally-sourced food scene, the world-renowned Crystal Bridges Museum—NWA has something for everyone.Discover NW Arkansas
Crystal Bridges Museum
Celebrate the American spirit in a setting that unites the beauty of art and the power of nature.
Walton Arts Center
Arkansas' premiere center for visual arts and entertainment.
An interactive children's museum that's fun for the whole family.
42 acres of premiere public garden space.
Devil's Den State Park
Located on 2,500 acres, Devil's Den State Park is the perfect place to explore Arkansas' natural beauty.
- come together
The best of shopping and restaurants, right in the heart of Fayetteville.
All the benefits you need for you and your family
- Multiple health plan options
- Vision & dental plans for you & dependents
- Associate discounts in-store and online
- Financial benefits including 401(k), stock purchase plans and more
- Education assistance for Associate and dependents