Career growth and advancement is important to everyone. The ISSA Denver Chapter provides a forum to connect job seekers and hiring companies or managers. If you are a hiring company or manager, please use the form below to submit your information to be advertised to the ISSA Denver Chapter audience. For job seekers, the opportunities will be posted to our Blog as they are received.
If you want to have face-to-face interactions with job seekers or hiring managers, please attend one of our events. Nametags are provided for events and attendees can choose to identify themselves as either hiring or looking. Job seekers put a green sticker on their nametag and those hiring put a blue sticker on their nametag. This allows a personal interaction to connect people together.
If you are an employer who would like to post a position to the website then submit contact information, position, link, location:
IT Security & Compliance Analyst
Jobs at LogRhythm
Here is a little more information about us:
LogRhythm is a Boulder CO based security intelligence software company. We empower organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. Globally the company has consistently been recognized as a market leader – including being based in Gartner’s Magic Quadrant three years running. Locally in Colorado we’ve earned a reputation as a company with a dynamic culture that’s committed to accelerated innovation cycles, thoughtful career development for our employees, and securing our customers from the most sophisticated cyber threats of the day. In 2013 and 2014 we were recognized as a Top Workplace by The Denver Post.
One of the global centers for innovation within network security is in Colorado. All of product development is done in Boulder with some of the top engineers in the area. The vast majority of our customer support, finance, IT, accounting, operations, HR, marketing, and sales functions have been grown with top local talent. With the original leaders still in place and a collection of amazing employees we have been able to create and scale a highly driven and collaborative environment. By leveraging this environment to carve out a formidable position in a hot market, we are growing at a rapid pace. We look for candidates that present a collaborative, process oriented mindset combined with an entrepreneurial spirit.
IT Audit Manager (14461)
Janus Henderson Global Investors is a leading independent global asset manager, dedicated to delivering the best outcomes for clients through a broad range of actively managed funds.
We provide our institutional, retail and high net-worth individuals with access to skilled investment professionals representing a broad range of asset classes including, equities, fixed income, multi asset and alternatives.
We are a team of independent thinkers who work tirelessly to help our clients achieve their goals – and we do it by fostering an energetic and collaborative culture that ensures our people love the place they work.
Headquartered in London, Janus Henderson is a truly global asset manager with a diverse geographic footprint, managing over $320bn of assets (as of March 31, 2017) from 27 offices globally and employing more than 2000 staff.
Overview of the Role
The primary responsibility for this role is to plan and execute operational IT internal audits covering all Janus Henderson entities. The internal audit program includes numerous IT audits covering business applications, pre-implementation reviews, cyber security (penetration testing), IT disaster recovery, infrastructure baselines, and various operational IT processes. Additional duties include managing the outsourced vendor responsible for completion of IT SOX related testing annually. Planning and coordination activities include the majority of the IT SOX related functions for this role.
Duties and Responsibilities
- Manage and serve as liaison for internal audit vendors engaged to conduct IT audits.
- Performs audits on technology to ensure compliance with organizational policies, standards and procedures, and controls are adequately incorporated into the systems or applications.
- Performs pre- and post-implementation audits on new and existing system and infrastructure to ensure development efforts are in compliance with organizational policies, standards and procedures, and controls are adequately incorporated into the systems or applications.
- Prepare audit reports for audits he/she conducts and reviews and finalizes audit report drafts prepared by vendors.
- Ensure that all audit records and documentation are accurate and in compliance with applicable government regulations and internal audit standards.
- Follows up on audit findings to ensure that they are addressed by corrective action owners in a timely manner.
- Summarize audit results for quarterly Internal Audit reports to management and Audit Committees.
- Review entity-level risk assessments performed by the Enterprise & Operational Risk Management functions.
- Assist in the annual audit planning process.
- Build and nurture relationships with line management in the company to promote internal audit involvement and to serve as an expert resource.
- Act as liaison between management and external auditors.
- Assume additional duties as requested or assigned by the Senior IT Audit Manager.
This involves identifying the scope of the work for an audit, the objectives to be met, the timescales for completing the audit and the extent of audit testing that will be required. This stage of the audit will result in the production of an agreed Audit Announcement.
This involves the documentation of systems and processes leading to the identification of key controls; undertaking and evaluating the results of audit testing; identifying weaknesses in controls and offering recommendations to management for their improvement.
On completion of the fieldwork, an exit/closing meeting will be held with auditee Management to discuss the results of the audit and obtain agreement with them to the actions proposed.
Following the exit meeting a draft audit report containing findings, conclusions and proposed remediation/corrective actions will be submitted to auditee Management to enable them to confirm their action plans, with timescales for completion, and who will be responsible for completing the actions. Following Internal Audit’s assessment of whether the proposed Management remediation/corrective action plans adequately address the related risks, a final audit report will be issued which incorporates the agreed Management action plans.
Monitoring of Outcomes
Contribute to the monitoring of the agreed remediation action plans to ensure that they are on track for successful and timely completion. In some instances this may involve a short follow-up audit of the area.
Assumes additional duties as assigned
- This role will manage and serve as liaison between the SOX testing firm and management.
Technical Skills and Qualifications
- Firm understanding of information technology including IT process, IT general controls, and emerging technologies, ability to coordinate vendor selection processes with IT Department as needed
- Thorough, practical knowledge of the audit process including planning, execution and completion of the audit engagement
- Attention to detail and accuracy
- Ability to prioritize and manage multiple projects and people simultaneously
- Ability to work independently
- Strong interpersonal and leadership skills, specifically the ability to develop and maintain positive, cooperative, and collaborative work relationships
- Advanced ability to write clear and concise audit reports and findings
- Strong written and verbal communications skills, including the ability to effectively express verbal and written viewpoints to varied audiences
- Ability to resolve audit conflicts with management positively and professionally
- Strong computer skills, specifically Word, Excel, and SharePoint
- Bachelor’s Degree, preferably with a major in Computer Science, Information Systems or Technology or equivalent
- CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), or CPA (Certified Public Accountant) professional certification preferred
- Six years of total experience in IT audit/compliance positions required with a minimum of 3 years in public accounting preferred.
- Technology and/or IT Audit experience
Ongoing competence in the role to be assessed by:Annual Performance Appraisal
- Completion of all assigned Compliance training
- Completion of Continuous Professional development courses as agreed with you in your performance objectives.
Working Environment/Physical Activities
- Overtime is unusual but may be required on short notice and may include weekend/evening/holiday hours
- General office equipment such as PC, telephone, fax machine, copier, etc.
- PC usage up to 75% of the time
- Limited business travel may be required (~10%)
At a minimum the role requires the individual to:
- Place the interest of Janus Henderson’s Clients first and always act in accordance with Treating Customers Fairly principles
- Understand and comply with any federal, state, and foreign laws and regulations applicable for the role, and seeking the guidance of Compliance if this is unclear at any time
- Understand and comply with all relevant Janus Henderson policies applicable for the role, and seeking the guidance of the relevant policy owner if this is unclear at any time.
The individual in the role is ultimately accountable for his/her own actions and is responsible for seeking further information on any or all of the above as necessary.
U.S. Only (Legal Disclosure)
Janus Henderson (including its subsidiaries) will not maintain existing or sponsor new industry registrations or licenses where not supported by an employee’s job functions (as determined by Janus Henderson at its sole discretion).
All applicants must be willing to comply with the provisions of Janus Henderson's Investment Advisory Code of Ethics related to personal securities activities and other disclosure and certification requirements, including past political contributions and political activities. Applicants’ past political contributions or activity may impact applicants’ eligibility for this position. Janus Henderson is an equal opportunity /Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. All applications are subject to background checks.
Janus Henderson Investors (including its subsidiaries) will not maintain existing or sponsor new industry registrations or licenses where not supported by an employee’s job functions (as determined by Janus Henderson Investors at its sole discretion).
All applicants must be willing to comply with the provisions of Janus Henderson Investors' Investment Advisory Code of Ethics related to personal securities activities and other disclosure and certification requirements, including past political contributions and political activities. Applicants’ past political contributions or activity may impact applicants’ eligibility for this position. Janus Henderson Investors is an equal opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. All applications are subject to background checks.