Technology Audit Engineer

  • Location:
    Canberra, Australia
  • Area of Interest
  • Job Type
  • Technology Interest
  • Job Id

What You Will Do

  • Contribute under the supervision and mentorship of the Cisco GCC Strategy Leader and drive technology compliance activities across Cisco specific to IRAP majorly.
  • Liaison with External Auditors, Government agencies wherever applicable for IRAP audit and certification of Cisco products. The Candidate shall also work on other compliance projects as well.
  • Perform Information Security related assessments to cover domains like User Access management, Network, OS & Application Security, Vulnerability Management, Encryption, SDLC, Backup Management, Disaster Recovery, Physical Security, Training & Awareness etc.
  • Draft compliance reports to summarize the compliance objectives, key findings, and work with teams to remediate key findings
  • Own the liaising with external auditors and customers to help them gain comfort with regard to Cisco's GCC program
  • Assist in Compliance testing as and when required. Identify internal controls issues, ensure they are well-defined and root causes are identified
  • Maintain audit/compliance tasks in GRC as well as other related tools
  • Build and maintain compliance dashboards to provide a holistic view of the compliance posture of the organization
  • Collaborate and co-ordinate activities with the GCC team based across geographies.

This role calls for an individual who understands all aspects of performance which impacts both internal and external Compliance posture. The individual will work with other team members to drive various initiatives necessary to improve it. It requires an individual to showcase in-depth knowledge and decision making skills based on risk to build long term sustainable process paths to improve our Compliance and Security posture.

Who You Are

  • Bachelors / master's Degree with a focus in Information Technology / Computer Science or related field
  • Minimum 4-7 years of related cybersecurity regulatory compliance experience and at least 2 years’ experience specific to IRAP.
  • Knowledge of Compliance framework(s) IRAP is a must to have and others such as ISMAP,SOC 2, ISO, PCI, FedRAMP are good to have.
  • Hands on experience in Identifying threat model and perform Threat and Risk Assessment on the solution
  • Experience in executing governance, risk and compliance functions
  • Background in development of ISM documentations
  • Experience in performing security risk assessment and control effectiveness assessment
  • Experience in coordinating all inputs for IRAP assessment and work with assessor to seek accreditation
  • Exposure in developing and maintaining key security artefacts required for IRAP assessment
  • Experience in assisting with production security management activities such as regular vulnerability management, access reviews etc.
  • Support Continuous Improvement of security process & controls uplift

Why You'll Love Cisco

#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference. Here’s how we do it.

We embrace digital, and help our customers implement change in their digital businesses. Some may think we’re “old” (30 years strong!) and only about hardware, but we’re also a software company. And a security company. A blockchain company. An AI/Machine Learning company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do – you can’t put us in a box!

But “Digital Transformation” is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.)

Day to day, we focus on the give and take. We give our best, we give our egos a break and we give of ourselves (because giving back is built into our DNA.) We take accountability, we take bold steps, and we take difference to heart. Because without diversity of thought and a commitment to equality for all, there is no moving forward.

So, you have colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool.