Job Description
External Auditor Consultant (FISMA, SOX) (Intermediate)
Personnel Qualifications:
- A related bachelor’s degree in Information Technology, Information Assurance, Accounting Information Systems or five (5) years of equivalent experience.
- At least five (5) years of experience with FISMA, FISCAM, NIST, SOX, COBIT, Systems Development Life Cycle (SDLC), and Risk Management Framework (RMF) strongly desired.
- Experience with financial applications.
- Experience with evaluating cloud internal controls reports, SOC-1 and SOC-2.
- Experience leading financial IT audits and successfully developing audit and security-related system documentation to reduce risk and meet control requirements is desired.
- Experience in developing a Risk Control Matrix, Test of Design and Test of Effectiveness (TOD/TOE).
- Prior experience as an IT auditor, IT security analyst, IT manager, business analyst, system administrator or a combination of these.
- Possess clear, concise, and effective verbal and written communication and project management skills needed for functioning in an unstructured matrix management environment.
- CISA or CISSP certification strongly preferred.
Capabilities:
- Participates in the process to evaluate, develop, maintain, and update the technology compliance program. Advises the technology support officer and technology managers on compliance, information security, and internal controls.
- Prepares the technology departments for the yearly financial statement audit and SOX internal control reviews.
- Assists in developing required documents in support of internal SOX or FISMA reviews.
- Simultaneously works on several complex assignments requiring analysis of control applicability and evaluation of control gaps for financial systems.
- Develops solutions with team members to minimize vulnerabilities.
- Advises the technology officer of SOX and compliance issues and recommends solutions.
- Recommends and helps implement Governance, Risk & Compliance (GRC) tools to increase automation in the areas of compliance, auditing, and vulnerability detection for the branch.
- Designs, tests, and reviews controls for compliance and ensures proper documentation is recorded.
- Creates audit and monitoring reports used by the team as directed.
- Works independently and meets deadlines for assigned tasks.