IT Auditor
Posted on 9/8/2023
Cresco Labs

1,001-5,000 employees

Cannabis and medical marijuana
Company Overview
Cresco Labs is on a mission to normalize, professionalize and revolutionize cannabis.
Chicago, IL, USA
Experience Level
Desired Skills
IT & Security
  • A degree in information technology/computer information systems or related (essential)
  • Certified Information Systems Auditor (CISA) (essential)
  • 2 years of work experience as an IT Auditor
  • Experience with firewalls (functionality and maintenance), Office 365 Security, VSX, and Endpoint Security
  • Financial and IT application experience (SAP, Oracle, Peoplesoft, and Hyperion)
  • Expert in Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web-Proxy, and Security Audits
  • Clear understanding of IT audit methodologies
  • Ability to work under pressure in a fast-paced environment
  • Strong attention to detail with an analytical mind and outstanding problem-solving skills
  • Great awareness of cybersecurity trends and hacking techniques
  • Must be 21 years of age or older to apply
  • Must comply with all legal or company regulations for working in the industry
  • Examine internal IT controls, evaluate the design and operational effectiveness, determine exposure to risk, and develop remediation strategies
  • Troubleshoot security and network problems
  • Plan, implement, monitor, and upgrade security measures for the protection of the organization's data, systems, and networks
  • Participate in the change management process
  • Test & identify network & system vulnerabilities and create counteractive strategies to protect the network
  • Conduct efficient and effective IT audit procedures
  • Communicate complex technical issues in simplified terms to the relevant staff
  • Perform regular audit testing and provide recommendations
  • Review, evaluate, and test application controls
  • Provide recommendations and guidance on identified security and control risks
  • Develop a strong understanding of policy gaps & create relevant policies, standards, & procedures where needed; examine System & Organization Controls (SOC) reports for 3rd party applications