IT Audit ConsultantOnsite
Description:Diversified Systems is searching for an IT Audit Consultant to provide audit and compliance support services to assist with preparing for, responding to, and tracking internal and external audits. The contractor will coordinate with agency personnel, technical staff, and documentation resources to ensure audit requirements are addressed accurately and timely.
Responsibilities:- Assist with planning, coordinating, and supporting information technology audits.
- Prepare and coordinate audit responses and evidence submissions.
- Assist with development and tracking of Corrective Action Plans (CAPs), Plans of Action and Milestones (POA&Ms), Safeguard and Security Reports, security assessment responses, and audit status reports.
- Track audit findings through remediation and closure.
- Coordinate with business units and technical staff to obtain supporting documentation.
- Identify documentation gaps and work with other staff to facilitate development or revision of policies, standards, procedures, and other governance documentation.
- Review submitted evidence for completeness, consistency, and compliance.
- Monitor remediation activities and provide status reporting to management.
- Assist with implementation and documentation of corrective actions.
- Maintain audit documentation repositories.
- Support periodic compliance assessments and internal reviews.
- Assist with risk assessments and compliance reporting.
Requirements:- Demonstrated knowledge of information security governance required.
- Demonstrated knowledge of IT audit processes required.
- Demonstrated knowledge of risk management required.
- Demonstrated knowledge of control assessments required.
- Demonstrated knowledge of NIST Cybersecurity Framework required.
- Demonstrated knowledge of NIST SP 800-53 required.
- Demonstrated knowledge of IRS Publication 1075 required.
- Demonstrated knowledge of Corrective Action Plans (CAPs) required.
- Demonstrated knowledge of Plans of Action and Milestones (POA&Ms) required.
- Demonstrated knowledge of audit evidence collection required.
- Demonstrated knowledge of compliance collection required.
- Demonstrated knowledge of compliance documentation required.
- Demonstrated knowledge of security control implementation required.
Preferred Qualifications:- Experience supporting IRS, SSA, or OSA audits and responses highly desired.
- CISA certification highly desired.
- CGRC certification highly desired.
- CISSP certification highly desired.
- CRISC certification highly desired.
- Security+ certification highly desired.
- Equivalent certifications highly desired.