IT Audit & Compliance Analyst - IRS 1075 / NISTWe are seeking an experienced cybersecurity audit and compliance professional to joing our team onsite in Jackson, MI and support internal and external IT audits, coordinate evidence submissions, track findings through remediation and closure, and maintain corrective action documentation. Candidates must have hands-on experience with audit response activities, security control assessments, CAPs, POA&Ms, NIST frameworks, and compliance documentation.
This is not a security operations, penetration testing, vulnerability management, or financial audit position.
Overview / Summary Focus of the job will be to provide audit and compliance support services to assist with preparing for, responding to, and tracking internal and external audits. This role will coordinate with agency personnel, technical staff, and documentation resources to ensure audit requirements are addressed accurately and on time.
Key Responsibilities - Assist with planning, coordinating, and supporting information technology audits.
- Prepare and coordinate audit responses and evidence submissions.
- Assist with the development and tracking of:
- Corrective Action Plans (CAPs)
- Plans of Action and Milestones (POA&Ms)
- Safeguard and Security Reports
- Security assessment responses
- Audit status reports
- Track audit findings through remediation and closure.
- Coordinate with business units and technical staff to obtain supporting documentation.
- Identify documentation gaps and work with staff to facilitate the development or revision of policies, standards, procedures, and other governance documentation.
- Review submitted evidence for completeness, consistency, and compliance.
- Monitor remediation activities and provide status reporting to management.
- Assist with implementation and documentation of corrective actions.
- Maintain audit documentation repositories.
- Support periodic compliance assessments and internal reviews.
- Assist with risk assessments and compliance reporting.
Required Qualifications - Demonstrated knowledge of several of the following:
- Information security governance
- IT audit processes
- Risk management
- Control assessments
- NIST Cybersecurity Framework
- NIST SP 800-53
- IRS Publication 1075
- Corrective Action Plans (CAPs)
- Plans of Action and Milestones (POA&Ms)
- Audit evidence collection
- Compliance collection
- Compliance documentation
- Security control implementation
Preferred Qualifications - Experience supporting IRS, SSA, or OSA audits and responses.
- CISA, CGRC, CISSP, CRISC, Security+, or equivalent certifications.
#LI-Onsite #LI-AW1 #Hiring