Information Security Senior Auditor

Job Brief

The primary function is to perform advisory and assurance projects of Audit Services Group (ASG) focused on IT, information security and data privacy risks. ASG is responsible for evaluating the adequacy and effectiveness of the company’s systems of internal controls that guide company activities toward accomplishing key business objectives.

Duties and Responsibilities

• Participate in planning, scoping and execution of risk-based IT, information security, and data privacy assurance and advisory projects in accordance with the Institute of Internal Auditors (IIA) and ASG standards
• Perform test of design and operating effectiveness of controls
• Effectively communicate audit results to management
• Work with stakeholders to develop actions plans that address root cause of findings
• Anticipate the impact of new technologies and strategic initiatives of the Company on its information security and privacy risk profile
• Demonstrate up-to-date knowledge in information security and privacy and apply this to the development, execution and improvement of audit programs and recommendations
• Develop and maintain productive working relationships with stakeholders, while maintaining independence and objectivity.
• Contribute to various department initiatives to streamline processes, improve stakeholder experience, and increase productivity.
• Contribute specialized expertise to different assigned projects and may provide key updates to Project Lead and Manager.

Minimum Requirements

• Bachelor’s degree in management information systems, computer science, accounting, finance, or other IT related fields is required
• At least 4 years of IT auditing, technology, information security, privacy or other relevant work experience is required
• Must have strong verbal and written communication skills; fluency in English is required
• Knowledge of auditing cloud services, encryption technology, mobile technology, application security, software development methodologies, and common security frameworks preferred
• Ability to travel up to 30% including international travel (valid passport required)
• Professional certifications (e.g., CIA, CISA, CISSP) are preferred

Additional Information

About AECOM

AECOM is proud to offer comprehensive benefits to meet the diverse needs of our employees. Depending on your employment status, AECOM benefits may include medical, dental, vision, life, AD&D, disability benefits, paid time off, leaves of absences, voluntary benefits, perks, flexible work options, well-being resources, employee assistance program, business travel insurance, service recognition awards, retirement savings plan, and employee stock purchase plan.

AECOM is the global infrastructure leader, committed to delivering a better world. As a trusted professional services firm powered by deep technical abilities, we solve our clients’ complex challenges in water, environment, energy, transportation and buildings. Our teams partner with public- and private-sector clients to create innovative, sustainable and resilient solutions throughout the project lifecycle – from advisory, planning, design and engineering to program and construction management. AECOM is a Fortune 500 firm that had revenue of $16.1 billion in fiscal year 2024. Learn more at aecom.com.

What makes AECOM a great place to work

You will be part of a global team that champions your growth and career ambitions. Work on groundbreaking projects - both in your local community and on a global scale - that are transforming our industry and shaping the future. With cutting-edge technology and a network of experts, you’ll have the resources to make a real impact. Our award-winning training and development programs are designed to expand your technical expertise and leadership skills, helping you build the career you’ve always envisioned. Here, you’ll find a welcoming workplace built on respect, collaboration and community - where you have the freedom to grow in a world of opportunity.

As an Equal Opportunity Employer, we believe in your potential and are here to help you achieve it. All your information will be kept confidential according to EEO guidelines.