IT Security Auditor

Arlington, Virginia

She Recruits, LLC
Job Title: IT Security Auditor

Location: Hybrid (2-3 days onsite)

Pay Rate: $40-$60/hr

Security Clearance: Secret Clearance Required

Position Overview: We are seeking a highly skilled IT Security Auditor to join our team. This role requires a strong understanding of IT security standards, risk assessment, and control implementation. The ideal candidate will have experience working with federal financial management and accounting regulations, and possess a deep knowledge of FISCAM, NIST RMF, and other relevant frameworks.

Responsibilities:
  • Risk Assessment and Control Evaluation: Identify, assess, and evaluate IT inherent and detective risks related to internal controls. Develop and maintain Risk and Control Matrices (RACMs) to support financial statement audits.
  • Standards and Framework Adherence: Ensure compliance with information assurance standards such as NIST RMF, 800-53, FISCAM, DODI 8500, DODI 8510, SSAE-18, and AT-C320.
  • Corrective Action Implementation: Design, implement, and test corrective actions to address ITAC/ITGC relevant audit risks.
  • Process Mapping and Analysis: Conduct end-to-end process mapping of IT systems and processes to identify potential vulnerabilities and control gaps.
  • Audit Report Review: Review and evaluate issued audit findings, including NFRs, to ensure accuracy and completeness.
  • Security Clearance: Maintain an active security clearance.
Qualifications:

Must-Haves:
  • Master's Degree in Accounting, Finance, Information Technology, or Business Management or CPA or CISA or PMP or CGFM or CDFM
  • 4 years of experience with federal financial management
  • 2 years of federal accounting experience
  • Ability to identify controls that mitigate ITAC/ITGC relevant risks
  • Demonstrated experience with leveraging FISCAM/NIST RMF as part of testing, reviewing, and guiding
  • Experience designing and implementing (or independently testing TOD/TOE) corrective actions to address ITAC/ITGC relevant audit risks
Preferred Skills:
  • Experience with Federal/DoD clients
  • Experience with business process end-to-end process mapping
  • Performing federal audits that provided an audit opinion
  • Performing federal audits that issued a disclaimer of opinion
  • Experience with evaluating SOC reports in support of a financial statement audit
  • Experience with supporting DoD SSAE-18 AT-C examinations as a service auditor
Date Posted: 23 April 2025