Conduct IT Audits: Plan and execute audits of IT systems, applications, and processes to assess compliance with applicable regulations and frameworks (ISO 27001:2022, NIST, HIPAA, GDPR, FedRAMP, etc.).
Risk Management: Identify, evaluate, and document IT and security risks. Recommend and track remediation activities through resolution.
Security Monitoring: Support operational security activities by reviewing logs, network traffic, and alerts to detect and respond to potential threats.
Control Assessment: Evaluate the design and operational effectiveness of technical, administrative, and physical controls across global environments.
Data Privacy Compliance: Ensure adherence to global privacy regulations, including GDPR and related data protection requirements.
Reporting: Develop clear, actionable audit reports summarizing findings, risks, and recommendations. Present key insights to IT and management teams.
Continuous Improvement: Contribute to strengthening ZOLL’s overall security posture and compliance maturity through process optimization and control enhancement.
Collaboration: Partner with IT, Security, and Compliance teams to support remediation and drive risk management improvements.
Requirements
Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience)
5+ years of hands-on experience performing IT audits across various frameworks and technologies
Professional certifications (CISA, ISO 27001 Lead Auditor, CISSP, or equivalent)
Hands-on experience with IT audit tools, risk assessment methodologies, or GRC platforms
Proven ability to work independently and take ownership of audit assignments with minimal supervision
Demonstrated ability to work effectively both independently and in a cross-functional, collaborative environment
Working knowledge of major security and compliance frameworks (ISO 27001:2022, NIST, HIPAA, GDPR, FedRAMP)
Strong analytical, communication, and documentation skills with excellent attention to detail
Familiarity with data privacy and operational security programs
Experience in multinational or multicultural business environments