This site uses cookies. To find out more, see our Cookies Policy

Director of IT Audit in Woodland Hills at Apple & Associates

Date Posted: 11/19/2018

Job Snapshot

Job Description

Candidates must have current or very recent experience with a Big-4 or national CPA / Consulting firm performing IT consulting engagements for numerous clients in diverse industries.

We are a specialized boutique technical advisory firm looking for an Information Technology (IT) Security Consulting Services Director. You will have the opportunity to grow your career in a collaborative environment that is a playground for highly skilled, self-motivated professionals.  You will oversee several concurrent project teams to review and assess the IT environments, risks, and controls related to information confidentiality, integrity, and availability for companies that range from newly public high growth entities in rapidly changing environments to the largest entertainment and public companies in Los Angeles. Requires at least five years of relevant IT Audit / Cuber Security / SOX experience within a Big-4 or national CPA or consulting firm environment.

If you’re interested, here is the challenge for your first year with our firm:

    • Manage Information Technology (IT) Security projects involving strategy, implementation, support, and software/hardware optimization related to security, privacy, and  business resilience
    • Review and redesign security profiles to assess and improve how application security is being used as a part of the overall control environment
    • Provide guidance and advise project teams in developing and enhancing IT security controls and resolving identified deficiencies within the IT department of our clients. Directors will recommend IT solutions that balance client resource constraints with the need to mitigate risk.
    • Oversee successful project completion by prioritizing manager and senior tasks.
    • Directors are responsible for negotiating the scope of the work, bill rates and budgets for recurring projects at existing clients. 
    • Directors have the responsibility of maintaining and building the client relationships.
    • Security strategy - Assess, design and implement a security strategy and governance program framework that describes the process, controls, organization and infrastructure to manage information security related concerns.
    • Security implementation - Design, implement and integrate security solutions to address enterprise risks and exposures.
    • Security governance - Design and implement security policies, procedures, and standards that describe pragmatic, risk-based mechanisms to maintain the confidentiality, integrity, and availability of information systems and the data processed therein.
    • Security monitoring - Design and implement security solutions to monitor the efficiency and effectiveness of security operations, controls, and infrastructure.


Upon successfully demonstrating the skill set listed above you will have the opportunity to earn a promotion to Practice Leader. As a Practice Leader you will be responsible for:

    • Practice development at your assigned existing clients.
    • Assisting the partnership group in managing one of the administrative functions of the overall firm which include Human Resources, IT, Accounting, Scheduling and Recruiting. 


A hands-on knowledge of ISO27001, PCI-DSS, COBIT, SOX, and Privacy Regulation requirements is required. Additional Qualifications are below:

    • Bachelors degree from an accredited college/university in an appropriate field
    • A minimum of 8+ years of related work experience in developing, implementing or architecting information security systems with a strong understanding of information security regulatory requirements and compliance issues
    • Knowledge of general security concepts and methods such as vulnerability assessments, privacy assessments, intrusion detection, incident response, security policy creation, enterprise security strategies, architectures and governance
    • Understanding of networking (TCP/IP, OSI model), operating system fundamentals (Windows, UNIX, mainframe), security technologies (firewalls, IDS/IPS, etc.) and application programming/scripting languages (C, Java, Perl, Shell)
    • Demonstrated ability to develop new engagement opportunities in the information security advisory space; and the ability to contribute to the development of client deliverables and technical content
    • Strong existing relationships within the Information Security or IT executive ranks (e.g., CIO, CISO, Director of Information Security, SVP and VP of Information Security)
    • Project management of information security projects including development of project charters and plans; management of project execution and successful implementation of the planned solution
    • Experience in process definition, workflow design, and process mapping
    • Extensive knowledge in operations, system evaluations, and architecture