Description:
Job Responsibilities:
- Assist with planning, coordinating, and supporting information technology audits.
- Prepare and coordinate audit responses and evidence submissions.
- Assist with development and tracking of: Corrective Action Plans, Plans of Action and Milestones, Safeguard and
- Security Reports, security assessment responses, audit status reports.
- Track audit findings through remediation and closure.
- Coordinate with business units and technical staff to obtain supporting documentation.
- Identify documentation gaps and work with other staff to facilitate development or revision of policies, standards, procedures, and other governance documentation.
- Review submitted evidence for completeness, consistency, and compliance.
- Monitor remediation activities and provide status reporting to management
- Assist with implementation and documentation of corrective actions.
- Maintain audit documentation repositories.
- Support periodic compliance assessments and internal reviews.
- Assist with risk assessments and compliance reporting.
Demonstrated knowledge with several of the following:
- Information security governance
- IT audit processes
- Risk management
- Control assessments
- NIST Cybersecurity Framework
- Nist SP 800-53
- IRS Publication 1075
- Corrective Action Plans (CAPs)
- Plans of Action and Milestones (POA&Ms)
- Audit evidence collection
- Compliance collection
- Compliance documentation
- Security control implementation
Preferred Skills:
- Experience supporting IRS, SSA, or OSA audits and responses.
- CISA, CGRC, CISSP, CRISC, Security+, or equivalent certifications.