Cybersecurity Auditor

Who We Are

Kyndryl is a market leader that thinks and acts like a start-up. We design, build, manage, and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers, and our communities.

The Role
- Assist in the development of the cybersecurity risk universe, cybersecurity taxonomy and related cybersecurity audit programs
- Performs risk-based, objective, and independent cybersecurity audits of enterprise systems, infrastructure, and security controls
- Implements a cybersecurity audit framework to give reasonable assurance of design and effectiveness of IT controls, settings in IT environments in assuring audit engagements
- Performs of all phases of the cybersecurity audit engagements, including, but not limited to, planning and scoping, identification and evaluation of risks and opportunities, developing and conducting testing to evaluate the design and the effectiveness of processes and controls, identifying and reporting findings, suggesting recommendations for improvements to Kyndryl’s processes and systems and following up with audit client remediations
- Provide strong analytical and critical thinking skills to identify root cause of issues and develop recommendations to improve security posture
- Analyze complex problems/issues, anticipate potential risks and impacts. Develop and recommend solutions
- Demonstrate clear and effective verbal, written and oral communication skills to report out on cybersecurity audit status and/or issues to Kyndryl leadership
- Assists with other projects and various administration tasks as they may arise

Who You Are
- Undergraduate or master’s degree preferable in one of the following areas: Information Security, Information Systems, Computer Science
- 3+ years of direct experience related to cybersecurity, risk management or IT audits
- Possession of at least one of the following certifications: CISA, CISM, CISSP, or other relevant certification
- Strong knowledge of cybersecurity regulations, laws, and standards
- Familiar with frameworks such as COBIT, ISO 27001/2, NIST, SOX, and General security practices
- Understand and execute the audit process using a risk-based audit approach, understand the objective, perform analysis of the process and associated risks, develop and conduct formal testing to determine if controls are effective to mitigate or manage risks, communicate the impact for achieving objectives, and develop recommendations, preparing a final report that communicates an effectiveness status for each risk
- Strong knowledge and understanding of cybersecurity processes and concepts (e.g., incident response, software development, security governance, cloud computing, SDLC, vendor risk management, penetration testing, vulnerability management, disaster recovery, segregation of duties, auditing and logging, physical security, access management, configuration management)
- Experience in leading cybersecurity audits/reviews and performing security assessments for a global organization
- Excellent time management skills

Being You

Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way.

What You Can Expect

With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Our employee learning hub gives you access to the best learning in the industry to receive certifications and accreditations, including Microsoft University, AWS Cloud Center of Excellence, Udemy, and the Harvard Business Review. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you We want you to succeed so that together, we will all succeed.