She Recruits, LLC
IT Security Auditor
She Recruits, LLC, Arlington, Virginia, United States, 22201
Job Title:
IT Security Auditor
Location:
Hybrid (2-3 days onsite)
Pay Rate:
$40-$60/hr
Security Clearance:
Secret Clearance Required
Position Overview: We are seeking a highly skilled IT Security Auditor to join our team. This role requires a strong understanding of IT security standards, risk assessment, and control implementation. The ideal candidate will have experience working with federal financial management and accounting regulations, and possess a deep knowledge of FISCAM, NIST RMF, and other relevant frameworks.
Responsibilities:
Risk Assessment and Control Evaluation:
Identify, assess, and evaluate IT inherent and detective risks related to internal controls. Develop and maintain Risk and Control Matrices (RACMs) to support financial statement audits. Standards and Framework Adherence:
Ensure compliance with information assurance standards such as NIST RMF, 800-53, FISCAM, DODI 8500, DODI 8510, SSAE-18, and AT-C320. Corrective Action Implementation:
Design, implement, and test corrective actions to address ITAC/ITGC relevant audit risks. Process Mapping and Analysis:
Conduct end-to-end process mapping of IT systems and processes to identify potential vulnerabilities and control gaps. Audit Report Review:
Review and evaluate issued audit findings, including NFRs, to ensure accuracy and completeness. Security Clearance:
Maintain an active security clearance. Qualifications:
Must-Haves:
Master's Degree in Accounting, Finance, Information Technology, or Business Management or CPA or CISA or PMP or CGFM or CDFM 4 years of experience with federal financial management 2 years of federal accounting experience Ability to identify controls that mitigate ITAC/ITGC relevant risks Demonstrated experience with leveraging FISCAM/NIST RMF as part of testing, reviewing, and guiding Experience designing and implementing (or independently testing TOD/TOE) corrective actions to address ITAC/ITGC relevant audit risks Preferred Skills:
Experience with Federal/DoD clients Experience with business process end-to-end process mapping Performing federal audits that provided an audit opinion Performing federal audits that issued a disclaimer of opinion Experience with evaluating SOC reports in support of a financial statement audit Experience with supporting DoD SSAE-18 AT-C examinations as a service auditor
IT Security Auditor
Location:
Hybrid (2-3 days onsite)
Pay Rate:
$40-$60/hr
Security Clearance:
Secret Clearance Required
Position Overview: We are seeking a highly skilled IT Security Auditor to join our team. This role requires a strong understanding of IT security standards, risk assessment, and control implementation. The ideal candidate will have experience working with federal financial management and accounting regulations, and possess a deep knowledge of FISCAM, NIST RMF, and other relevant frameworks.
Responsibilities:
Risk Assessment and Control Evaluation:
Identify, assess, and evaluate IT inherent and detective risks related to internal controls. Develop and maintain Risk and Control Matrices (RACMs) to support financial statement audits. Standards and Framework Adherence:
Ensure compliance with information assurance standards such as NIST RMF, 800-53, FISCAM, DODI 8500, DODI 8510, SSAE-18, and AT-C320. Corrective Action Implementation:
Design, implement, and test corrective actions to address ITAC/ITGC relevant audit risks. Process Mapping and Analysis:
Conduct end-to-end process mapping of IT systems and processes to identify potential vulnerabilities and control gaps. Audit Report Review:
Review and evaluate issued audit findings, including NFRs, to ensure accuracy and completeness. Security Clearance:
Maintain an active security clearance. Qualifications:
Must-Haves:
Master's Degree in Accounting, Finance, Information Technology, or Business Management or CPA or CISA or PMP or CGFM or CDFM 4 years of experience with federal financial management 2 years of federal accounting experience Ability to identify controls that mitigate ITAC/ITGC relevant risks Demonstrated experience with leveraging FISCAM/NIST RMF as part of testing, reviewing, and guiding Experience designing and implementing (or independently testing TOD/TOE) corrective actions to address ITAC/ITGC relevant audit risks Preferred Skills:
Experience with Federal/DoD clients Experience with business process end-to-end process mapping Performing federal audits that provided an audit opinion Performing federal audits that issued a disclaimer of opinion Experience with evaluating SOC reports in support of a financial statement audit Experience with supporting DoD SSAE-18 AT-C examinations as a service auditor