Internal IT Auditor, Consultant

Blue Shield of CA
Rancho Cordova, United States of America
13 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Rancho Cordova, United States of America

Tech stack

Artificial Intelligence
Software System Penetration Testing
Unix
Control Objectives for Information and Related Technology (COBIT)
Information Leak Prevention
Disaster Recovery
Information Technology Audit
Intrusion Detection and Prevention
Windows Server
Security Log
Security Software
Solaris (Operating System)
TCP/IP
Generative AI
Information Technology
Machine Learning Operations

Job description

The Consultant, Internal Audit (Technology / IT Audit) independently leads and executes complex audit and advisory engagements across technology environments. This role serves as a subject matter expert in IT audit and cybersecurity while providing strategic insight and guidance to management. The Consultant is accountable for delivering end-to-end audit work and acts as a trusted advisor to Director-level leadership and stakeholders.

Requirements

  • Requires a bachelor's degree or equivalent experience
  • Requires a minimum of 7 years of prior related experience
  • Advanced understanding of technology, IT concepts and principles and the ability to leverage this knowledge to recommend effective solutions
  • Advanced knowledge of security software programs and implementation
  • Advanced knowledge of TCP/IP and networking (LAN, WAN and Wireless)
  • Advanced knowledge of key information technology risks and controls and available technology-based assessment techniques
  • Advanced knowledge of major risk assessment methodologies and security frameworks such as ISO, COBIT, COSO
  • Advanced knowledge of major operating systems such as UNIX (e.g., Solaris) and Windows servers (2000, 2003)
  • Advanced knowledge of major security tools and technologies such as intrusion detection and prevention systems, data loss prevention and identify management
  • Advanced knowledge of Security Incident Management, Business Continuity/Disaster Recovery, Personnel Security, Physical and Environmental Security processes
  • Working knowledge of AI tools, models, and platforms (e.g., generative AI, ML systems), including associated risks, controls, and governance consideration
  • Knowledge of computer forensics, penetration testing and hacking techniques
  • In-depth knowledge of security log analysis
  • Strong knowledge of security regulations including HIPAA / HITECH, SOX, PCI, SB1386, AB1950

Apply for this position