Senior Manager - Information Security - CISSP

Position Description
About us:
What started small, with a single discount store and the simple idea of selling more for less, has grown over the last fifty years into the largest retailer in the world. Today, nearly 260 million customers visit our more than 11,500 stores under 65 banners in 28 countries and e-commerce sites in 11 countries each week. With fiscal year 2015 net sales of $482.2 billion, Walmart employs 2.2 million associates worldwide, 1.4 million in the U.S. alone. It's all part of our unwavering commitment to creating opportunities and bringing value to customers and communities around the world.
Position description:
Leads audit plan development for Information Security Audit engagements by identifying the technology behind the business process that is the subject of the audit; identifying cyber risks threatening accomplishment of process objectives; determining the severity of risks with regard to likelihood of occurrence and business impact; developing audit tests to assess the effectiveness of controls; employing data analytics technologies; and assigning associates to execute portions of the technical audit plan.
Designs and develops strategies and tools to enhance audit efficiency and effectiveness by leveraging IT industry expertise and applying relevant information security frameworks and best practices (for example ISO 27001/2, NIST, COBIT, OWASP Top 10, etc.) in areas of high complexity and emerging technologies.
Provides subject matter expertise in information security by ensuring comprehensive approaches to multiple audit projects; identifying IT audit work programs and control testing processes; developing and delivering training to internal and external teams; and reviewing technical aspects of audit projects.
Demonstrates ability to discuss and understand information security issues in areas such as vulnerability assessment, penetration testing, identity and access management, web application security, secure network architecture, data protection and internet networking in general (i.e. TCP/IP, DNS, routing, etc.).
Drives project deliverable completion by reviewing and overseeing the completion of audit workpapers, approving the severity and disposition of identified control weaknesses; reviewing compensating controls and offering recommendations on mitigation effectiveness; ensuring solution proposal, communication protocol, and communication effectiveness; leading closing conferences; and managing the follow up on remediation issues.
Leads technical functions to support information security audits by coordinating with process owners to identify and test controls; validating process documentation; analyzing IT and business information to identify improvement opportunities; working with the company's external auditors to ensure testing of regulatory compliance controls (Sarbanes-Oxley IT General Controls program); determining the technical components to be evaluated as a result of business compliance requirements and testing methods; and building foundations for aligning approach and technical scope with the company's external auditors.
Maintains and advances industry expertise by reviewing new technologies and participating in continuing education and training (for example, relevant industry certifications, forums).
Provides supervision and development opportunities for associates by selecting and training; mentoring; assigning duties; building a team-based work environment; establishing performance expectations and conducting regular performance evaluations; providing recognition and rewards; coaching for success and improvement; and ensuring diversity awareness.
Minimum Qualifications
Bachelor's degree in Management of Information Systems or other Information Technology-related field.
8 plus years of experience in information security with internal audit emphasis preferred.
2 years of supervisory experience.
Information systems certification or licensure (for example, Certified Information Systems Security Professional (CISSP), Certified Information System Auditor (CISA), Certified Information Systems Manager (CISM)).
Additional Preferred Qualifications
Master's degree in Business Administration (MBA), Information Technology, or Information Security field.
Financial certification or licensure (for example, Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Fraud Examiner (CFE)).
1 year of public accounting experience in assurance or internal audit.
Employment Type:
Full Time
Position Type:
Company Summary
Wal-Mart Stores, Inc. (NYSE: WMT) serves customers and members more than 208 million times per week at more than 8,600 retail units under 59 different banners in 15 countries. With fiscal year 2010 sales of $405 billion, Wal-Mart employs more than 2 million associates worldwide.
Req ID:

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.