IT Audit Specialist
Description:
Job Description
IT Audit Specialist
Reston, VA 20190
Security Clearance Requirement: Current TS/SCI
Location Note: On-Site Support Required
Position Description:
E-volve Technology Systems, Inc. is hiring an IT Internal Audit Specialist is responsible for testing of internal controls over financial systems, assessing the internal controls and risks of the agency's financial system, assessment of financial management policies for compliance, preparation of audit reports and NFR's, identifying weaknesses in the system and creating an action plan to ensure compliance with NIST guidelines and standards.
The IT Internal Audit Specialist will have a role in working directly with clients and other organizational stakeholders to support IT internal control efforts, including audits/assessments, remediation, and other ad-hoc efforts.
Duties and responsibilities:
Performing rigorous audits/assessments of IT controls using industry-standard guidance and leading practices
Performing walkthrough interviews and maintaining communication with a variety of client stakeholders, including system personnel such as system and database administrators
Requesting, obtaining, reviewing, and analyzing a variety of artifacts to assist in executing IT controls testing such as security plans, SOPs, system screenshots, and system configuration settings
Evaluating the design and operating effectiveness of IT controls using provided artifacts, industry-standard guidance, leading practices, and professional judgement
Professionally documenting the results of IT controls test work in a consistent and high-quality manner that would allow a reviewer to repeat the test and reach the same conclusion
Summarizing and communicating IT controls assessment results to a variety of client stakeholders, including senior leadership personnel
Planning and executing day-to-day activities of IT controls assessments individually and for the team
Working with client personnel to understand and analyze known IT control weaknesses, identify root causes, and develop detailed, robust remediation plans
Providing subject matter expertise to client personnel on all matters relatin responding to ad-hoc IT controls requests from client personnel
Required experience and qualifications:
U.S. citizenship
Current TS/SCI security clearance
Current CI polygraph or ability to obtain CI polygraph
8 years of related experience with a bachelor's degree OR 12 years of related experience with a HS Diploma/GED
Knowledge and experience in IT risk and controls through IT audits, IT control assessments, and IT security reviews.
Working knowledge of IT audit, the FISCAM, and other relevant federal information assurance laws, regulations, and guidance.
Experience performing IT audits, OMB Circular A-123 or similar internal control assessments, and/or remediating and implementing IT controls is preferable. Experience testing or remediating some or all the following IT controls topic areas is preferable:
Experience with access and account management including authorization, provisioning, recertification, and separation
Experience with segregation of duties, including identifying and defining segregation of duties risks and conflicts, preventive and detective segregation of duties controls, and understanding the difference between segregation of duties and least privilege
Experience with technical account management controls such as password length, complexity, and expiration
Experience with audit logging and monitoring including generation of audit logs, use of audit log aggregation and analysis tools, and audit log monitoring and review
Experience with configuration management including configuration baseline concepts, baseline deviations, baseline maintenance, monitoring for ongoing compliance with a baseline, and industry-accepted baselines such as DISA STIGs and CIS benchmarks
Experience with change management including authorization, development, testing, and deployment of changes
Experience wtih contingency planning including backups, testing of backups, and alternate sites
Preferred experience:
Experience performing Federal Information System Controls Audit Manual (FISCAM), Financial Improvement Audit Remediation (FIAR) and Federal Information Security Management Act (FISMA) security reviews
CISA or CIA certification
1-2 years of Federal or DOD IT audit experience
E-volve Technology Systems, Inc. provides Mission Operations, Information Technology Management, and Intelligence Analysis support services to advance National Security and other Federal Government programs within the Department of Defense (DoD), Intelligence, and Civilian government agencies. For more information please visit us at
E-volve Technology Systems, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. We comply with Form I-9 identity and legal work authorization requirements for Employment Eligibility Verification in accordance the Immigration Reform and Control Act of 1986 (IRCA).
E-volve Technology Systems, Inc. offers fair and competitive compensation and benefits to all eligible employees. Salaries are dependent upon a wide range of factors including position requirements, customer/program needs, individual qualifications, education, experience, certification and/or training, location, and other job-related factors.
Please email any questions to:
Powered by JazzHR
ei09qWQSCc