Senior IT Auditor, Fortune 500 global manufacturing organization: “I joined a Big 4 firm advisory practice out of college, did two years, and then moved over to IT Internal Audit a year ago. Information security is my next goal. When I look at information security job postings, they all seem more technical than my current skill set, which is heavily ITGC focused. What should I do to build skills that will be marketable to information security?”
IT Audit Director, large financial services company: “Can you please help us find a technical Senior IT Auditor with 3-5 years of experience who has application auditing skills at the level where they can do code review? Some programming skills would be very helpful. We also need mainframe, cyber security, cloud, IoT, and data analytics experience – from an audit project perspective. We need actual experience with IT operational audits – not just ITGC / SOX experience.”
ISACA Now: You’re Southeast Region Geographic Information Systems Coordinator with the U.S. Fish & Wildlife Service; Partner at White Mile Consulting, LLC; and an adjunct professor at Tennessee Technological University – where do you find time for all of that?
JD: I have always been a strong proponent of time management. I work four 10-hour-days with the U.S. Fish & Wildlife Service in a role where I lead our Geographic Information Systems (GIS) program in the southeastern U.S. and the Caribbean. I also serve in an IT role with a focus on IT security and help desk issues. My GIS classes at Tennessee Technological University are taught in the evenings a few days a week after I get off from my primary job. I took the fifth day of the week to start a consulting firm to provide IT auditing, policy creation and penetration testing for commercial banks and credit unions, after working to support them on the side for years. When I am not at work, I spend all of that time with my family traveling or in family activities. I’ve never been one to sit idle and spend any time watching TV. I like to always be doing something and challenging myself. I guess I took that story that I could “grow up and be what I wanted to be” to be true.
The rewards of a career in information technology include above-average compensation, advancement opportunities, intelligent peers and job satisfaction. Employers, to attract and retain talent, have become increasingly flexible about alternate schedules, remote work and family leave—benefits that appeal to many women.
If we look at trends during the past decade, women have not gravitated toward information technology in the increasing numbers that one might expect from an industry that offers the stability of ever-increasing growth and is experiencing a seller’s market (more jobs than qualified candidates), which is likely to continue.
A few months ago, on 8 November 2016, an unexpected announcement jolted the Indian nation. In a nationally televised address, the Prime Minister of India, Mr. Narendra Modi, announced the demonetization of rupees 500 and rupees 1,000 currency notes. This meant that the currency notes would no longer be considered as legal tender.
The rupee 500 and rupee 1,000 notes at the time of demonetization represented more than 86 percent of the total value of currency under circulation.
As the business benefits from technology grow rapidly, so do related risks.
The ability to communicate and interact with remote stakeholders seamlessly requires points of entry into the enterprises network that would otherwise not be present. Such entries could result in vulnerabilities for organizations that should be identified and assessed. In like manner, the identification and assessment of threats that could potentially exploit such vulnerabilities is also necessary. Once there has been sufficient analysis of the potential risks, the enterprise must decide how to respond to them.
This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.
The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.
Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.
To volunteer to write a blog or suggest a topic send an email here.