fullcrowmoon wrote: » It's actually a lot of fun!
beads wrote: » Fullcrowmoon; I enjoyed my time in audit and learned so much about the business side of the house doing it - I have no regrets there. Only made me a better blue team person in the long run. And yes, end-users, especially server administrators, make sport of lying to auditors. Developers are a close second. Oddly, the most honest? Infrastructure. End users are like shoes... all different shapes and sizes but still shoes. - b/eads
fullcrowmoon wrote: » Verizon is looking for people with good technical skills in the areas of IT operations or applications reviews, network operations or security audits, SSAE16 or PCI compliance, and/or ERP security and controls review. This is a Technology Audit position - you bring the skills and we'll teach you how to audit. It's actually a lot of fun! I'm totally serious about this!Technology Auditor - Ashburn, Virginia - Verizon Careershttps://www.linkedin.com/in/lauraeilers
fullcrowmoon wrote: » The listing should have other sites on it as well.
UnixGuy wrote: » I can't apply because I'm not in the US. But how do you guys get into audit? They ask me for experience in things like ISO and whatnot, stuff I have never dealt with directly.
Raystafarian wrote: » You don't seem to be using auditor interviewing techniques very well. Always act dumb about the system. Get them to break it down as far as possible. Get them to explain what you know, have them do it and watch. Lead them to tell you what the problems are. Then lead them to a solution - have them come up with it, give them credit. Now you have your finding, response and buy-in.
