This job posting has expired and is no longer available. Please explore other opportunities.

IT Audit Specialist

Los Angeles, CA

At Gensler, we design for people. We leverage our global perspective and local presence to innovate at every scale. We’re not just designers. We’re tinkerers, craftspeople, visionaries, innovators, and thought leaders. Fueled by passion and entrepreneurial spirit, our people bring new ideas to solve the world’s most challenging problems, like designing a more resilient, inclusive, and equitable future for our communities and cities.

 

Our people-centered, “People First” culture and “One Firm-Firm” motto promote integrated teams that unite to shape the future of cities. Gensler’s vision is to “Create a Better World through the Power of Design,” and we do that by our deep commitment to our clients and by fostering a collaborative, diverse, and inclusive environment that enables our people to create impactful solutions together.


Your Role

Gensler is looking for a talented IT Audit Specialist who would report to the Global Director of Security Operations in Denver, CO.  This person will focus on operational security compliance pertaining to ISO 27001, 9001, CUI/CMMC and other compliance standards.


This talented individual will apply their experience toward helping our global architecture and design firm with many different compliance needs ranging from internal tracking of ISO compliance to answering client security questionnaires. The candidate would provide a formal understanding of Gensler's efforts to ensure the confidentiality, integrity and availability of information from a US government and regulatory point of view.  An experienced auditor, this person will work with IT Security Operations, HR, Legal and technical software staff to determine status of compliance and assist with improving that status over time.


What You Will Do

  • Provide attestation of compliance and consultancy regarding ISO (e.g., 27001, 20000-1, 9001), CUI/CMMC and FedRAMP standards
  • Collaborate on the design, implementation, operations and maintenance of enterprise ISMS based on standards, including certification
  • Submit certification packages for FedRAMP products
  • Create and conduct training and awareness sessions regarding standards and compliance
  • Ensure control of requisite documents and records as well as process change requests
  • Serve as a facilitator between an external audit team and internal staff for smooth execution of audit as well as manage closure of any audit findings
  • Provide risk management guidance including for risk assessment, risk treatment, risk acceptance, risk communication, risk monitoring and risk review
  • Generate and maintain required IS security documentation including Systems Security Plans (SSP), Continuous Monitoring Plans, Security Control Traceability Matrices, Risk Assessments, Plan of Action & Milestones (POA&M), equipment specifications, practices and procedures
  • Collaborate with teammates on any security incidents to potentially include data spills, data integrity incidents, and malicious code incidents
  • Conduct reviews and technical inspections to identify and mitigate potential security weaknesses, and ensure that all security features applied to a system are implemented and functional
  • Manage Risk Management Framework (RMF) processes, product development and product maintenance for assigned systems
  • Closely collaborate with documentation specialists on the team as well as internal financial audit and legal teams.
  • Regularly assist with vendor questionnaires or Requests for Proposals
  • Communicate with various response teams during testing and actual execution of internal procedures for crosschecking policy to practice
  • Other duties as assigned


Your Qualifications

Gensler is a social, collaborative, and entrepreneurial company, so agreement regarding documents generated is just as important as the documents themselves.  A level of technical and social ability is necessary to collaborate, achieve agreement and implement any given policy/procedure, and sometimes compromise is required.

  • Due to government contracts and facility work, US Citizenship is required
  • US Secret Security clearance or ability to obtain clearance is required
  • Experience with Microsoft Windows and Linux systems administration - including security policies and account management - is required
  • Extensive experience with business processes, management structures and technology programs/platforms is required
  • Certified Information Systems Auditor (CISA) or similar professional certification (e.g., CISM, CIA) is strongly preferred
  • 5 years’ experience documenting towards ISO, PCI, HIPAA, SOX or other compliance regulation is required
  • Exceptionally strong oral, written, communication and collaboration skills are required
  • Bachelor’s degree in Computer Science or related field is preferred
  • Candidates should have recent experience auditing/assessing and managing corporate risk pertaining to compliance
  • Candidate is well organized with the ability to self-motivate, multitask and handle competing priorities and interruptions gracefully in a fast-paced environment
  • Candidate should be familiar with privacy standards including Safe Harbor, GDPR and CCPA (California Consumer Privacy Act)
  • Ability to rapidly analyze, prepare and coordinate technical, procedural and policy documents
  • Demonstrably sound judgment in evaluating risk, design and operating effectiveness control tests, root cause analysis and the ability of action plans to remediate any risks identified
  • Experience in presenting technical issues to all levels of management, including non-technical staff
  • Good teamwork skills including effective team interactions, providing timely and constructive feedback, negotiations and problem resolution
  • Ability to work in a highly visible role with daily interactions with multiple roles


The base salary will be estimated between $94-114k plus bonuses and benefits and contingent on relevant experience.


Life at Gensler

At Gensler, we are as committed to enjoying life as we are to delivering best-in-class design. From curated art exhibits to internal design competitions to “Well-being Week,” our offices reflect our people’s diverse interests.


We encourage every person at Gensler to lead a healthy and balanced life. Our comprehensive benefits include medical, dental, vision, disability, wellness programs, flex spending, paid holidays, and paid time off. We also offer a 401k, profit sharing, employee stock ownership, and twice annual bonus opportunities.  Our annual base salary range has been established based on local markets.


As part of the firm’s commitment to licensure and professional development, Gensler offers reimbursement for certain professional licenses and associated renewals and exam fees. In addition, we reimburse tuition for certain eligible programs or classes. We view our professional development programs as strategic investments in our future.
