Information Systems Audit and Control Association

Employment

If you would like to post an employment opportunity, please review the guidelines and then contact the webmaster. Thank you!

8/30/10

Organization: AT&T

Job Title: Information Technology Auditor

Position Summary: Don't miss this opportunity to join the company recognized by Fortune magazine as the World's Most Admired Telecommunications Company and ranked #2 on DiversityInc's list of 2009 Top 50 Companies for Diversity.

As the largest communications company in the world, more than 120 million customers count on us every day to deliver the wireless, Internet, data and advertising services that fuel their businesses and connect them to their world. You will find yourself connecting communications and technology with opportunities that will take you to places you never imagined.

Job Duties and Responsibilities: This position is responsible for conducting moderately complex audits on current information systems applications. Performs detailed evaluation of data processing systems and operating procedures. Tests systems for existence of and adherence to proper controls and for accuracy. Evaluates the effectiveness of security measures. Determines if data processing procedures conform to corporate policies and standards. Prepares reports on audit results and provides recommendations to management. Works on extremely complex problems where analysis of situations or data requires an evaluation of intangible variance factors. Exercises independent judgment in developing methods, techniques, and evaluation criterion for obtaining results.

Qualifications and Skills:

Required Degrees/Majors/Accreditations/Skills: 3+ years of IT audit experience. Bachelors degree, preferably in Accounting, IT, Finance or Business. If not certified, commitment to pursue audit related certification. Strong analytical, problem solving and communication skills.

Desired Degrees/Majors/Accreditations/Skills: The following certifications are desired: CIA, CPA, or CISA. Also desire Masters level course work in business, finance, accounting, systems and management.

Travel: Minimal

For additional employment opportunities with AT&T, please visit our website at http://att.jobs .

AT&T is an Affirmative Action/Equal Opportunity Employer, and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V

8/24/10

Organization: Missouri Higher Education Loan Authority

Job Title: Chief Information Officer (CIO)

Position Summary: Established in 1981, The Missouri Higher Education Loan Authority ("MOHELA") is a leading national servicer of student loans. Our success for almost 30 years is due to the tremendous efforts of our outstanding staff. MOHELA is currently searching for an outstanding individual to join us as Chief Information Officer.

Job Duties and Responsibilities: The Chief Information Officer (CIO) is accountable for directing the information and data integrity for all Information Technology functions. The CIO is responsible for establishing and maintaining a company-wide information security program to ensure that information assets are adequately managed, planned and protected. This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets federal regulatory requirements and U.S. Department of Education compliance standards.

Provides overall management and definition of all technology and communication activities including responsibility for providing a leadership role in the day to day operations of the Information Technology functions as well as providing direction as the Authority grows.

The CIO interacts with the senior management team to monitor and validate the Authority's compliance with its security policies and federal requirements such as: Federal Information Security Management Act (FISMA), including National Institute of Standards and Technology including SP 800 series (18, 37, 53, 64) and Federal Information Processing Standards (FIPS).

Major Duties:

1. Divisional Management - Provide leadership and operational management for information technology processing needs including computing policy development and implementation; operational procedures; computer security; PC, Mini, and Mainframe equipment, software; communications operations; disaster recovery; provision of programming assistance; and general advice on staff computing needs and training. Develop planning to include intermediate and long range goals and objectives.

2. IT Security - Develop and maintain IT security policies, program, processes, procedures, standards, and guidance consistent with MOHELA standards and federal requirements. Ensure the scope of reviews to make certain that all systems have effective, quality IT security documentation in place, including:

Qualitative risk and security assessments
Current and effective IT security program that conforms to NIST 800 series and is integrated into all areas
System self-assessments that conform to NIST 800 series guidance
Current and tested contingency plans that conform to NIST 800 series
Conduct self-assessments of the IT security program to ensure effective implementation and compliance with established policies, processes and procedures. Informs senior management of findings and associated recommendations to ensure continued compliance with Authority and federal requirements.
Primary liaison on IT related audits conducted by internal audit, financial auditors, and special external auditors as determined. Coordinates audit activities, tracks open issues, ensures timely response to inquiries and issues, debriefs management throughout the process.
Act as the Authority's central point of contact for IT security incidents, develop incident handling procedures, and report all incidents to the responsible incident response manager.

3. Contingency Planning/Disaster Recovery/Business Continuity - Administer, maintain, develop, and implement policies and procedures for ensuring the security and integrity of the Authority's data and quality assurance for a Contingency Plan. Responsible for coordinating the development of contingency policies, plans and procedures to ensure the organization can respond to a disaster so that the critical business functions can be resumed within a defined time frame, the amount of loss can be minimized, and any stricken facilities can be repaired or replaced timely. Acts as an advisory for all aspects of the organization's Contingency, Disaster Recovery and Business Resumption plans.

4. Information Technology and Security Plans - The position is accountable for establishing, implementing, and managing policies, processes and procedures for multiple formal information technology and security plans including, but not limited to:

Security Plan
Configuration Management Plan
Software Development Lifecycle Plan
Security Program Management Plan
Risk Management Plan

5. IT Security Training - Establish a process to ensure that all employees receive periodic IT security awareness briefings and copies of policies of behavior, are trained to fulfill their IT security responsibilities, and understand the consequences of non-compliance. Develop procedures for an IT security awareness and training program for all personnel, including specialized training as necessary for IT Professional Staff.

6. Personnel - Management of Information Technology staff including recruitment, training, evaluation, counseling, discipline, salary recommendations, promotions, grievances, staff assignments, and all other staff issues.

7. Budgeting/Finance - Development and management of budgets and finances for the Information Technology division including preparation of budget recommendations, oversight of computer hardware and software leases and authorization of computer and computer related purchases for MOHELA. Directly responsible for maintaining expenses within budgetary guidelines.

8. Member of Senior Management - As a member of senior management, participate in the formulation, development, and implementation of short, intermediate and long range tactics to achieve strategic objectives. Prepare materials, documents, plans and information as required for the MOHELA Board of Directors and present materials, documents, plans and information to the Board. Also, as a member of senior management, positively represent the organization at external events.

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Qualifications and Skills:

Bachelors degree (required) or Master's degree (M. A.)(preferred) in Information Technology or Computer Science and 5 or more years in a senior level information technology position, with a minimum of 2 years leading Information Security Initiatives for small to mid size organizations. Related experience should include working under the Federal Information Security Management Act (FISMA), applicable NIST requirements and Federal Information Processing Standards (FIPS).

CISM [Certified Information Security Manager]; CISA [Certified Information Systems Auditor]; CISSP [Certified Information Systems Security Practitioner]; ISSAP [Information Systems Security Architecture Professional]; or CPP [Certified Protection Professional] certification desired.

Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals. This is a highly responsible position that requires both quantitative and interpersonal skills.

Demonstrated ability to serve as an effective member of senior management team and ability to communicate security-related concepts to a broad range of technical and non-technical management and staff.

Experience with systems design and development from business requirements analysis through to day-to-day management.

Demonstrated project management, organization and facilitation skills.

High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment.

Located in Chesterfield, Missouri, MOHELA offers excellent benefits, including:

Medical +Dental +and Vision coverage
401K with dollar for dollar match up to 8% of salary
Pension
Earn accrued Paid Time Off on first paycheck
11 paid holidays each year
Tuition Assistance from 50%-100%
Employee Assistance Program

Please send your cover letter and resume to us at: hr@mohela.com or fax to 636-787-2747.

To build a diverse workforce, MOHELA encourages applications from individuals with disabilities, minorities and veterans.

In compliance with the American Disabilities Act Amendment Act (ADAA), if you have a disability and would like to request an accommodation in order to apply for a position with MOHELA, please call 636.532.0600 x3571, TDD 636.532.5189, or email hr@mohela.com

5/21/10

Organization: Brown Smith Wallace

Job Title: Information Systems Senior Auditor

Position Summary: Brown Smith Wallace is the second-largest locally owned independent accounting firm in the state of Missouri, with offices in St. Louis, St. Charles, MO and Highland, IL and a complement of over 200 employees. The right person can take his/her career to the next level through Brown Smith Wallace’s considerable growth and development opportunities, and by making A Measurable Difference™ to our clients. The Risk Services practice provides services, on an outsourcing and co-sourcing basis, that help clients manage business risk, improve processes and internal controls and comply with the provisions of Sarbanes-Oxley. Our team, which is one of the largest and most diverse groups of its kind in the Midwest, consists of professionals dedicated to providing risk-based advisory services. Our Risk Services group works with public and private organizations of all industries and sizes to make sure they are effectively managing risks inherent to their organizations. Our services range from cutting edge data analysis and information security to fraud prevention and Sarbanes-Oxley consulting.

Job Duties and Responsibilities:

Adept at assessing information technology and identifying risks which warrant audit attention.
Apply information systems control concepts in a wide variety of settings and be able to independently assess the exposures resulting from ineffective or missing control practices.
Be adept at evaluating information system audit results from management's perspective, even when defined criteria or standards do not exist.
Provide appropriate levels of supervision and quality assurance review to assess that work performed by others is competently performed and meets established standards.
Be able to effectively evaluate overall audit results, weighing the relevancy, accuracy, and perspective of conclusions against the accumulated audit evidence. This applies to both individual technology processes as well as the technology application as a whole.
Effectively communicate audit results, both verbally and in writing, that are persuasive, contextually sound, and understood by the recipient.
Interact effectively with clients, stakeholders, and team members in a wide variety of settings.
Perform a variety of complex tasks and be able to handle multiple assignments simultaneously.
Exhibit creativity and innovation when recommending improvements to departmental audit practices and processes. Encourage and foster a positive workplace.
Be professionalism at all times and display a willingness to learn new concepts and ideas.
Be interested in and willing to travel up to 30%, both domestically and internationally.

Qualifications and Skills:

2– 5 years relevant experience
Bachelor's degree with an emphasis in IT or business.
Professional designations (CISA, CPA, CIA, CISSP) are preferred, but not mandatory.
Effective verbal and written communication, including presentation skills.
Critical thinking and analytical skills.
Be able to contribute individually and as part of a team.

Qualified candidates should please send cover letter and resume to:

Brown Smith Wallace, LLC
Attn: Renessa Foronda
1050 N. Lindbergh Blvd.
St. Louis, MO 63132
314.983.1200
opportunities@bswllc.com

5/21/10

Organization: Brown Smith Wallace

Job Title: Information Systems Staff Auditor

Job Duties and Responsibilities:

Have the ability to perform audit procedures, as well as, investigate, research, and analyze risks.
Possess knowledge of standard concepts, practices, and procedures utilized to assess information technology.
Apply information systems control concepts in a wide variety of technology settings and assess the resulting exposures.
Effectively perform job functions based on supervisor direction, experience, judgment, and pre-established guidelines.
Be able and willing to complete work in a confident, confidential, responsible, and accountable manner within deadlines.
Effectively communicate audit results, orally and written, to be understood by the recipient.
Be able to handle multiple assignments simultaneously.
Be professionalism at all times and display a willingness to learn new concepts and ideas.
Be interested in and willing to travel up to 30%, both domestically and internationally.

Qualifications and Skills:

1 – 2 years relevant experience.
Bachelor's degree with an emphasis in IT or business.
Professional designations (CISA, CPA, CIA, CISSP) are preferred, but not mandatory.
Effective verbal and written communication, including presentation skills.
Critical thinking and analytical skills.
Be able to contribute individually and as part of a team.

Qualified candidates should please send cover letter and resume to:

Brown Smith Wallace, LLC
Attn: Renessa Foronda
1050 N. Lindbergh Blvd.
St. Louis, MO 63132
314.983.1200
opportunities@bswllc.com

5/21/10

Organization: Maritz

Job Title: Compliance Analyst

Position Summary: Supports the Compliance Security division of Maritz Loyalty and Motivation with performing all necessary activities to assess and enforce compliance in the business and information technology environments for the assigned business unit. Assists in ensuring that the user community understands and adheres to necessary policies to maintain security compliance. Under general supervision, controls, develops and implements measures to obtain/maintain (internal and external) regulatory compliance as it relates internally and in support of client programs. Reports to a Director level in Operations in Loyalty and Motivation. Interacts with Market Teams as required. Collaborates with MGTS Infrastructure and Application Development. Partners with outside suppliers in support of mission critical client audits. Works closely with external auditors on onsite client audits.

Job Duties and Responsibilities:

COMPLIANCE MANAGEMENT: (1) assists in the implementation and enforcement of Compliance Practices and Procedures. (2) Assists with identifying, reporting, and resolving compliance violations. (3) Evaluates and recommends new compliance technologies, processes and methodologies. (4) Develops and communicates compliance awareness materials to user community. (5) Develops, implements and enforces Compliance Practices and Procedures.

AUDIT MANAGEMENT: (1) Coordinates security/audit assessments with client teams and Compliance Manager. (2) Partner with outside suppliers to support our mission critical audits. (3) Responsible for handling and coordinating extensive onsite client audit requests. (4) Develops and manages the creation of a knowledge database that supports streamlining RFP responses with readily accessible information for Solution Design.

BUSINESS CONTINUITY PLANNING/ DISASTER RECOVERY: (1) Meets and collaborates with department level stakeholders to uphold the Loyalty and Motivation Business Continuity Plans in preparation for annual reviews. (2) Collaborate with the Market Teams to ensure consistent due diligence in preparation for audits such as SAS70 and PCI, etc. (3) Develop and Manage client expectations for all requested Premier Disaster Recovery plans.

Qualifications and Skills:

Bachelor's degree in related field, preferably in Information Technology, Information Systems, or Computer Science.
CISSP/CISA/GIAC certification preferred.
Strong analytical, organizational and planning skills.
2-4 years experience in information security process design, implementation or operations with increasing responsibilities.
Knowledge of PCI DSS, SAS70, Disaster Recovery/Business continuity.
Excellent verbal and written communication and presentation skills.
Must be able to weigh business needs against compliance/security concerns and articulate issues to management.

If interested, please go to http://www.maritz.com/About-Maritz/Join-Our-Team.aspx and select Current Openings (Req Num 3307).

5/21/10

Organization: Criminal Justice Information Services

Job Title: CJIS Security Manager

Position Summary: This position is responsible for highly technical, supervisory and administrative work in developing, directing and implementing an information technology (IT) security, network security and audit section within a large technical division.

Job Duties and Responsibilities: An employee in this position is the Information Security Officer (ISO) for the State of Missouri, which includes ensuring/documenting technical compliance with the FBI’s CJIS Security Policy. This position will be responsible for planning, coordinating and executing a security plan for the criminal justice information technology projects. This person is responsible for the implementation, direction and execution of a highly sophisticated security program for the agency, which monitors and affects a number of technical environments within the Information Systems Division. This person will be responsible for project plan development and management. This position requires frequent coordination and interaction with ISD, troops, divisions and other state, local and federal agencies, as well as vendors and contractors. General direction is received from a superior, but the employee is given wide latitude for using independent judgment and initiative in attaining overall objectives.

Qualifications & Skills: Four years experience in the IT security management field plus extensive knowledge of electronic data processing audit procedures, including a CISA certification or commitment to become certified within one year of employment AND a minimum of two years supervisory experience AND graduation from an accredited four-year college or university required in one of the following fields: Computer Security, Computer Science, Computer Information Systems, Math, Accounting, Business Administration or closely related area, with a minimum of 15 hours of IT-related coursework

The Missouri State Highway Patrol is an equal opportunity employer. All qualified applicants will be considered for employment without regard to race, color, religion, sex, national origin, age, disability status, or any other non-merit factor.

Click here for a detailed job description and application procedures.

5/14/10

Organization: Edward Jones

Job Title: Senior Information Systems Auditor

Position Summary: Are you ready for a fast-paced career that offers lots of rewards and challenges? Edward Jones, ranked one the nation's top employers by Fortune magazine, is seeking a highly motivated individual to serve as a senior information systems auditor. Candidates must possess at least four years of experience as an Information Systems or Information Technology auditor and must have or be willing to obtain Certified Information Systems Auditor certification.

Job Duties and Responsibilities:

Audit Information Systems operations, application development projects and technology infrastructure development projects to determine adherence to established firm procedures and policies and sound risk-management practices.
Responsible for working independently on own projects, as well as acting as leader/mentor to less experienced auditors on the team.
Responsibilities include developing audit scope, evaluating technical and business risk, preparing work plans, performing and documenting audit test work, developing meaningful and/or value-add recommendations, conducting meetings, giving presentations and assisting with internal departmental activities as required.
Responsibilities also include promoting good working relationships with associates and leaders within Information Systems and other divisions and other duties as required by the leader.

Qualifications and Skills:

Four year undergraduate degree in Business or Information Systems or related program.
A master's degree is preferable but not required.
A minimum of 4 years IT audit experience required or some combination of IT and relevant audit experience considered. Public Accounting background or experience in Information Systems a plus.
The candidate must have or be willing to obtain Certified Information Systems Auditor certification.
Other technical certifications, such as Microsoft certifications, are highly desirable.
The CPA designation is a plus.
Public accounting experience is a plus.
Industry experience is a big plus.

If interested, please go to www.edwardjones.com/careers and apply referencing job number 325608.