Job Description

Secureworks (NASDAQ: SCWX) a global cybersecurity leader, enables our customers and partners to outpace and outmaneuver adversaries with more precision, so they can rapidly adapt and respond to market forces to meet their business needs. With a unique combination of cloud-native, SaaS security platform and intelligence-driven security solutions, informed by 20+ years of threat intelligence and research, no other security platform is grounded and informed with this much real-world experience. www.secureworks.com

We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about whats next. We offer flexible work options when available and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.

The role is responsible for defining standards and requirements for IT service and product owners to ensure IT capabilities meet audit and compliance standards. This role is responsible for performing risk management, compliance and internal control oversight for information systems and related processes for the IT & Facilities organization throughout the Secureworks environment. This includes IT infrastructure solutions, security solutions, business applications, complex computer applications and other technology solutions, both cloud and on premise, as well as coordinating and preparing responses to requests for information to satisfy internal and external audits. Current audit frameworks include SOX, FFIEC, SOC 2, ISO 27001/9001, HIPAA.

The incumbent is expected to have information technology systems audit experience and to demonstrate proficiency in performing information technology systems compliance, internal controls and audit work which conforms to professional standards. This is a new role that will work with existing professionals in the Global Audit organization and leaders in IT. Work will generally be expected to be carried out with limited supervision. The complexity and size of projects will vary significantly.


Responsibilities

* Develop and deliver guidance to IT service and product owners to ensure compliance requirements are built into solutions during definition and implementation, and managed throughout their lifecycle

* In partnership with the Global Audit organization, develop, administer and coordinate the divisions response to risk-focused exams for information technology solutions and processes managed by the IT and Facilities organization.

* Translate highly technical processes, workflows and controls into generally accessible language and narrative.

* Execute and properly document the audit process on a wide variety of IT solutions, technologies and applications and accurately interpret results against defined criteria

* Apply internal control concepts in a wide variety of information technology processes and appropriately assess the exposures resulting from ineffective or missing control practices

* Effectively evaluate audit results, weighing the relevancy, accuracy, and perspective of conclusions against the accumulated audit evidence

* Effectively communicate audit results, both verbally and in writing, so that they are relevant, placed in the appropriate context, and understood by the business audit recipient

Requirements

* Minimum of 5 years experience of information system or product compliance audit experience

* Minimum of 3 years experience performing assessments of the Information Security Controls and supporting information technology systems within the scope of various regulatory requirements and industry best practices

* Minimum of 2 years experiencing working in a SaaS environment

* Excellent written and oral communication skills including agility with business, technical and audit concepts

* Demonstrated ability to work in an influence management capacity with all levels of employees and management

Desirable Requirements

* Experience performing assessment of the Information Security Controls in an MSS environment

* Working knowledge of regulatory and industry data security standards (FFIEC, HIPAA, PCI, NERC, SOX, NIST, EU/Safe Harbor, and GLBA)

* Bachelor's or masters degree in Information Systems, Information Assurance or Accounting and Information Systems or other related area

Secureworks (A Dell Technologies Company) is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Secureworks here.