IT Security Auditor - Richmond, VA/Hybrid

STI

$80K — $120K *
Richmond, VA 23223Hybrid
Information Technology
5 - 7 years of experience
More than 3 months ago
Job Overview by Ladders

Qualifications

  • 5+ years of experience in IT auditing or a related field
  • Familiarity with CMS, IRS, and SCC security standards
  • Strong analytical skills for risk assessment
  • Proficiency in developing security policies and procedures
  • Excellent communication skills for reporting findings and recommendations
  • Bachelor's degree in Information Technology, Cybersecurity or a related field

Responsibilities

  • Assess current security controls against updated standards.
  • Identify and fill security compliance gaps with actionable remediation steps.
  • Lead the planning and updates of security policies and documentation.
  • Design and implement vendor assessment training processes.
  • Develop tools to evaluate vendor security compliance and performance.
  • Evaluate vendor and partner security posture for contractual compliance.
  • Conduct tests to measure the effectiveness of security controls and practices.
  • Report and present audit findings and risk analyses clearly and concisely.

Benefits

  • On-site work required two days a week
  • Opportunity to influence significant security improvements
  • Participation in a crucial regulatory compliance effort
  • Access to professional development during the audit process
  • Engagement with various partners and vendors for broad networking opportunities
Full Job Description
IT Security Auditor
Richmond, VA
ON SITE REQUIRED: Tuesday AND Thursday each week
12+ Months

Description:

SCC's Health Benefit Exchange division is seeking an experienced IT Auditor

Parking not provided for contractors

Pls note:
The manager will conduct first round interviews on TEAMS and then require the TOP candidate in for a follow up IN PERSON (2nd) interview.

ABOUT THE ROLE
The SCC's Health Benefit Exchange division is seeking an experienced IT auditor to support our transition to a new security standard and strengthen our third-party risk management program. This role will help interpret and implement updated security requirements, conduct audits and assessments of both internal processes and external vendors and partners evaluating controls and recommending improvements.

Responsibilities Include:
  • Assess current security controls and processes against new CMS, IRS, and SCC security standards.
  • Identify gaps and recommend remediation steps to achieve and maintain compliance.
  • Plan, lead, and execute development and updates to policies, procedures, and documentation to reflect requirements.
  • Design, implement, and train on the process for assessing partners and vendors, ensuring alignment with security standards.
  • Develop assessment tools, workflows, and scoring model to evaluate and measure the effectiveness and compliance of vendor and partner security controls.
  • Evaluate the security posture of vendors and partners to ensure information security contractual, information sharing, and data sharing agreement requirements are met.
  • Test the effectiveness of operational and management controls using interviews, document reviews, and observation.
  • Analyze, assess, report, and present on audit findings, risk exposure, and recommendations.
  • Support information security continuous monitoring and incident response programs.
  • Perform related work as required.
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at STI

More Information Technology Jobs

Find similar IT Security Auditor - Richmond, VA/Hybrid jobs:

NationwideRichmond, VA