It Risk Internal Auditor

• Enforce best practices in IS/IT Security, GRC practices and frameworks.
• Execute basic auditing, control assessments, policy/standard/procedure writing and Implementation.
• Develop, implement, maintain, and oversee enforcement of policies, standards, procedures, and associated plans.
• Ensure compliance to PCI DSS, SOX 404, ISO, and OFAC regulatory bodies and requirements.
• Create and document necessary audits of Mouser Electronics policies, standards, and processes.
• Manage Security Awareness program by creating materials, enrolling, and provide training as needed.
• Participate in Business Continuity activities, audits, and security review and planning activities.
• Understand Mouser business organization, processes, and strategies.
• Clearly articulate in writing and verbally the results of all assessments to management, as needed.
• Generates succinct and actionable reporting to Risk Owners that provides a status on all open issues, including remediation plans and/or exception requests.
• Evaluate new processes and software designed for the Security GRC Program.
• Understand the fundamentals of setting up and maintaining network and security hardware and software systems.
• Assist with addressing security breaches and vulnerability issues in a timely fashion and be an active participant in the incident response processes.
• Maintain audit results and corresponding data to quickly respond to requests for information from internal or external auditors.
• Understand common networking and security hardware and software environments, security alerts and issues, protocols, standards, and trends.
• Understand of CobiT, ISO 27001/27002, PCI DSS, SOX 404 frameworks.
• ISO documentation like SOA, Risk Assessment and Risk Treatment.
• Six Sigma or ITIL certification preferred.
• Certification as a CISA, CISM, CRISC, CISSP, CGEIT, or other Information Security/IT Audit discipline preferred.
Required Bachelor’s degree.

This is a summary of the primary accountabilities and requirements for this position. The company reserves the right to modify or amend accountabilities and requirements at any time at its sole discretion based on business needs. Any part of this job description is subject to possible modification to reasonably accommodate individuals with disabilities.