Manager - Information Security Internal Audit

Daikin Applied is seeking a talented Manager – Information Security Internal Audit. The Information Security Internal Audit Manager collaborates closely with cross-functional work groups to plan, lead, coordinate and execute internal risk and compliance initiatives including audits, special projects, and risk assessments according to an established audit schedule. This position plays a critical role in ensuring compliance with industry standards and regulations. Key responsibilities include monitoring and evaluating compliance with established policies and procedures, conducting and reporting results of separate evaluation testing, and preparing audit reports communicating the findings and recommendations to senior leadership. This position will supervise a team of 1-3 internal auditors. Come be a part of an exciting journey at Daikin Applied, where innovation and excellence drive our every endeavor!

• Oversee the implementation of a comprehensive security risk management framework, ensuring it aligns with industry best practices and regulatory requirements
• Develop and manage the cybersecurity and compliance budget, including resource allocation and expenditure tracking
• Manage and lead financial, operational, and compliance audits and special projects within the planned scope and budget
• Develop annual audit plan and design and execute audit programs, determining the scope, objectives, and test procedures
• Evaluate the adequacy and effectiveness of internal controls while making value added recommendations to improve the overall control environment
• Effectively document workpapers to support findings and conclusions and clearly communicate results in audit reports to management. Ensure the fulfillment of approved audit report recommendations
• Fulfill reporting and information requirements for the parent company, including the audit plan, summary of audit reports and recommendations, audit committee papers, and other requests
• Ensure Daikin complies with relevant industry standards, regulations (e.g., PCI, CMMC, ISO 27001, cyber insurance requirements, parent company (DIL) requirements, and any regulatory, statutory, or contractual obligations related to information security
• Oversee the development, implementation, and maintenance of security policies, procedures, and protocols
• Oversee the performance of regular security risk assessments to identify potential vulnerabilities and develop strategies to mitigate risks effectively
• Develop a thorough understanding and knowledge base of company operations. Work in a team and embrace the company's compliance principles as a key component of the audit process
• Establish effective business relationships within the company and assist management in the understanding and adaptation of internal control principles
• Document and actively participate in the development of audit procedures performed as well as the preparation of noted concerns for audit report inclusion
• Execute an efficient and effective audit approach as defined by internal audit management and ensure that all assigned work is completed according to schedule and within the establish budget parameters
• Preparation and analysis of audit data through computer aided audit tools (ACL, spreadsheets, database tools, etc.)
• Perform all assigned audit duties in a manner that reflects the highest professional standards and ethics and complies with corporate guidelines
• Train, teach, and manage cybersecurity internal auditors, providing leadership, mentoring, and guidance in their development
• Stay up to date with emerging security threats, trends, and technologies to ensure the Daikin remains proactive in its cybersecurity posture. Where applicable, evaluate and recommend security tools, solutions, and services to enhance the cybersecurity posture
• Develop and deliver security awareness training programs to educate employees on security risks, best practices, and compliance requirements

• Medical/Dental/Vision coverage, PTO, 401K match, support for community involvement and much more
• The ability to make an impact and shape your career with a company that is passionate about growth
• The support of an organization that believes it is vital to include and engage diverse people, perspectives, and ideas to achieve our best

• Bachelors Degree in Computer Science, Information Systems, Computer Engineering or related area, cybersecurity, information security or an equivalent combination of relevant education and experience
• 8 years of experience in Information Security
• 4 years of management experience
• Work visa sponsorship is not available for this position

• 10 years of experience in Information Security
• Information Security professional certifications such as ISO 27001 Lead Auditor, CISA, ISACA, CIPP, CISSP, CISM, CRISC

#LI-RS1, #LI-onsite