**Description** AUDIT HIRING EVENT: APPLY BELOW TO BE CONSIDERED FOR AN ON-SITE INTERVIEW ON EITHER TUESDAY, MARCH 4TH OR WEDNESDAY, MARCH 5TH. About the Role The Audit Department is responsible for providing internal auditing services that include reviewing business processes, systems, and operations, as well as examining tenants and contractor records. Reporting to the Inspector General and the Board of Commissioners Audit Committee, the Department's mission is to bring an independent, systematic, and disciplined approach to evaluating and improving the effectiveness of internal control and risk management. The Audit Department is looking for highly skilled individuals to join their team in support of the mission – to enhance and defend the integrity of the Port Authority's programs and operations. Reporting directly to the Manager the duties of this position are highly confidential and involve the handling of sensitive documentation. The selected candidate is expected to maintain confidentiality and discretion. As a Third-Party Risk Cybersecurity Audit Analyst in the Information Systems and Technology Audits Division of the Audit Department, the successful candidate will participate in performing risk-based audits of the agency third party’s technology, controls, and policies. This team member will be responsible for the gathering and analysis of third-party data and information, sending and reviewing assessments to third parties and drafting reports of the audit results. This role is tasked with compiling data and completing documentation related to vendor risk, as well as ensuring that the issues that arise are appropriately captured, assessed, and mitigated to acceptable levels. The **Audit Analyst – Third Party** **Cyber** **s** **ecurity** **Auditor** will possess the following skills: Responsibilities + Demonstrate the ability to work in a fast-paced environment. + Conduct risk assessments of third-party vendors. + Perform vulnerability scans of third-party environments and analyze the scan data. + Identify and evaluate third-party's cybersecurity controls and ensure compliance with Port Authority policies, standards, and guidelines as well as industry best practices. + Articulate risks and control weaknesses as well as identify potential options for remediation or compensating controls. + Execute Cybersecurity and IT audits in accordance with professional standards, including data gathering, analysis, preparation of workpapers and summarizing the results of the audit for technical audits. Minimum Qualifications + Bachelor’s degree in Information Systems, Computer Science or related fields. + Minimum of (1) year experience in risk management, auditing and/or a cyber-related position is preferred. + Demonstrated ability to exercise good judgement and discretion in handling confidential information. Desired Qualifications + Thorough understanding of IT risk and mitigation strategies. + Thorough understanding of internal controls practices and system controls + Knowledge of professional auditing standards (IIA/ISACA) and knowledge of CIS Top 20, COBIT, NIST, PCI, ISO, HIPAA, CJIS, COSO frameworks as well as Cloud Security Alliance Cloud Controls Matrix + Ability to utilize scanning tools and make conclusions. + Ability to read and analyze system configurations. + Have strong organizational skills as well as effective oral and written communication skills. + Strong attention to detail and ability to closely follow defined processes. + Ability to meet deadlines, work independently and prioritize work. + Ability to effectively build relationships and interact with internal and external partners at all levels. + Knowledge and willingness to learn standards, PA policies and procedures. Selection Process The application process varies by position, but typically includes an initial phone interview for qualified candidates, followed by a more in-depth interview(s) and/or assessment(s). Selected candidates who are made a conditional job offer will be asked to undergo a background check. Compensation & Benefits The Port Authority of New York and New Jersey offers a competitive benefits package, hybrid work options for many positions, and a professional environment that supports development and recognizes achievement. Click here (https://www.jointheportauthority.com/pages/working-here) for more information about benefits, our culture, and career development opportunities. REQNUMBER: 62717