Of course it's IT audit as It appears. Open position inside the Division request (chosen skills In short) 3-four a long time of IT programs audit practical experience, dealing with Individually identifiable facts, CISA / CISSP / CFE / CIPP Qualified, analytics skills: spreadsheet modeling, money Evaluation, working with big datasets and primary probability and figures, Make custom ETLs, Proficiency in Python and SQL or capability to study depending on experience apart from gentle abilities like communication, leadership and dealing in cross purposeful teams.
The CISSP isn't going to call for safety management encounter; the CISM needs 3 many years of stability administration working experience,
two) I “have read that many companies there benefit CIAs much better than most (with regard to your audit career). I used to be asking yourself if I must incorporate CFE to CIA”
It Appears very good. With the accounting track record and some IT history, you will be able to find a business that requires an entry-stage individual to cover both equally regions. Keep in mind, some IT auditors get employed with tiny IT knowledge. I’ve worked with a pair.
If you want to learn the fabric, read the book, then do online. You’ll get the info twice in 2 various formats.
For those who actually need to pursue audits, you most certainly won’t do pentesting or something like that. I haven’t completed that in any audits I’ve completed Regardless that I utilized to do pentesting After i was in protection.
You question fantastic but hard issues.. You’ve indicated you’re discovered a lot click here of the answers somewhere else on this blog.. but I’ll insert several additional ideas.
I continue to Assume you audio like you’d be much more serious about Performing being a safety analyst than an IT auditor.
If you wish to be an excellent IT auditor and strategy on staying in that profession for many years, I’d have the CISA, then the CISSP. The subsequent cert I’d get is CIA. Personally, I wouldn't pursue the CISM.
If you move in that course, let me know. I’d be interested in hearing about your journey and would be content to deliver even more input if desired.
The rationale I point out audit being a pre-requisite for that CISA is mainly because it pros Believe they could go the CISA without having being aware of audit (Phony!). The CISA is first and audit cert and after that an IT cert.
Considering the fact that your fascination is much more specialized, I’d lean toward the CISSP or one of those certs. You won’t learn that rather more complex stuff pursuing the CIA.
The CEH and also other hacking certifications are more details on hacking tools and vulnerabilities. It won’t harm you, nonetheless it gained’t educate you what you would like to master.
Before having this on the web CISA class, it is usually recommended that candidates have no less than five years of working experience in IS audit, Handle, assurance or stability.