IT Security Auditor Analysis
Qlik helps enterprises around the world move faster, work smarter, and lead the way forward with an end-to-end solution for getting value out of data. A Gartner Magic Quadrant Leader for 11 years in a row! Our platform is the only one on the market that allows for open-ended, curiosity-driven exploration, giving everyone – at any skill level – the ability to make real discoveries that lead to real outcomes and transformative changes. We are a Values-Driven organization, operating over 100 countries with over 50,000 customers around the world. If you think we are interesting, please read on – we may be looking for you!
IT Security Analyst
We are looking for a Security professional with an IT Audit background to support:
(A) our Sales organization in selling the security of our software, SaaS and professional services offerings to customers
(B) annual security-related audits and execution of our IT General Controls (ITGCs) program.
Primary Responsibilities & Tasks
● Receive and respond timely to security-related requests (questionnaires, agreements, meetings) from prospects/customers related to Qlik software, SaaS and professional services offerings.
● Support annual security related audits including, but not limited to, SOX-lite Financial/ITGC audit, ISO/IEC 27001:2013 audit, and AICPA SSAE 18 SOC 2 Type II audit.
● Update and refresh existing security policies on an annual basis as part of our Information Security Management System (ISMS).
● Review both IT General Controls (ITGC’s) as well as Substantive Controls executed by Qlik Security’s offshore team weekly, monthly, quarterly and semi-annually around access, change and transaction activity for financially-significant systems.
● Escalate weekly Vulnerability Scan results against internal/external assets to asset owners for remediation.
● Receive, facilitate and respond timely to data subject deletion and/or access requests in line with the GDPR requirements.
● Review existing security assessments/results executed by Qlik Security’s offshore team (e.g. BYOD audits).
Secondary Responsibilities & Tasks
● Received and respond timely to Security Incident notifications from our 3rd party security alerting tools with Qlik employees and contractors for remediation.
● Review and approve/reject 3rd Party Risk Assessment from a security perspective when Qlik employees and contractors want to procure technology or professional services from external vendors.
Competencies and Skills
● Ability to work independently as well as collaborate cross-functionally with all org levels (individuals and management).
● Ability to apply security competencies for continuous improvement of existing ISMS.
● Competencies based on the following industry security standards: ISO 27001, COBIT/COSO, SSAE 18 and others.
● Competencies with the following technology a plus: O365, NetSuite, Salesforce, ServiceNow, Workday, Jira, Tenable, Qlik Data Analytics software/SaaS, Qlik Data Integration software.
● Excellent analytical, written and verbal communication skills.
Experience & Qualifications
● 3-5 years in IT Audit, Security, Governance and Compliance.
● Holds or actively pursuing one or more of the following qualifications: CISA (ISACA), CISSP (ISC2) or similar.
● Experience in mentoring, reviewing and assigning work to junior auditors.
USA – King of Prussia, PA
- Qlik Company Page – Who we are!
- Our Values at Qlik: Challenge, Take Responsibility, Move Fast, Teamwork for Results, Be Open and Straightforward
- Competitive Benefits package
- Flexible working environment
- Giving back is a part of our culture – we give you a day to change the world. In addition, we encourage our employees to participate in our numerous Corporate Responsibility Employee Programs
- Learn about our Corporate Responsibility Program by visiting Qlik.org
- Check out our company page on Linkedin!
- Follow us on Instagram @lifeatqlik and @Qlik
Qlik is an Equal Opportunity Employer and does not discriminate on the basis of any protected category or characteristic. We value the diversity of our workforce. If you need assistance due to disability during the application and/or recruiting process, please contact us via the Accessibility Request Form
AGENCIES: Qlik is not accepting unsolicited assistance from search firms for this employment opportunity. Please, no phone calls or emails. All resumes submitted by search firms to any employee at Qlik via-email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Qlik. No fee will be paid in the event the candidate is hired by Qlik as a result of the referral or through other means.
“Proof of full vaccination required before start date.”