C2C Requirements: Security Engineer (Auditor), NO H1B, at Remote, Remote, USA
Email: [email protected]
http://bit.ly/4ey8w48
https://jobs.nvoids.com/job_details.jsp?id=2121374&uid=

Title: Sr. Security Engineer (Auditor)
Location: Hybrid 6 days/month onsite in DC
Type: Long Term Contract
Must have:
NIST or SOC or SOX or FISCAM or COBIT or FISMA and auditor, CISSP or CISA

BACKGROUND: The Planning, Governance, and Innovation department in Technology Services of the Division of Management proposes to engage a Contractor to provide compliance and information security support to in preparation for annual Financial Statement Audits, internal SOX control reviews, FISMA reviews, provide support in updating policies and procedures, and assist with ongoing compliance self-assessments.

REQUIREMENTS:

The candidate shall have demonstrated experience in the following:

Experience with financial applications
Experience with evaluating cloud internal controls reports, SOC-1 and SOC-2
Simultaneously works on several complex assignments requiring analysis of control applicability and evaluation of control gaps for financial systems.
Experience with supporting financial IT audits and successfully developing audit and security related system documentation to reduce risk and meet control requirements desired.

Experience with performing system audit log reviews via Splunk tool
Experience assessing and evaluating NIST 800-53 controls
Experience in developing a Risk Control Matrix, Test of Design and Test of Effectiveness (TOD/TOE)
Must have at least five years of progressively responsible experience in the information technology arena as an IT auditor, IT security analyst, IT manager, business analyst, system administrator or a combination of these.
Possess clear, concise, and effective verbal and written communication and project management skills needed for functioning in an unstructured matrix management environment.

Work independently and meet deadlines for assigned tasks
Experience with assessing IT systems leveraging SOX, FISCAM, COBIT, or FISMA Compliance strongly desired.
CISSP or CISA certification strongly desired.
Experience with Workday or Coupa a plus, but not required

KEY RESPONSIBILITIES

Participates in the process to evaluate, develop, maintain, and update the technology compliance program. Advises the technology support officer and technology managers on compliance, information security, and internal controls.
Prepares the technology departments for the yearly financial statement audit and SOX internal control reviews.

Assist in developing required documents in support of internal SOX or FISMA reviews.
Develop solutions with team members to minimize vulnerabilities.
Advises the technology officer of SOX and compliance issues and recommends solutions
Provides a weekly status report to the COR documenting concerns, issues, risks, and progress.
Recommends and helps implement GRC Tools to increase automation in the areas of compliance, auditing, and vulnerability detection for the branch.

Perform weekly Splunk/audit log reviews and report any anomalies
Evaluate system documentation to meet compliance requirements
Assists with building governance and risk management tasks and activities for the team and management review
Designs, tests and reviews controls for compliance and ensures proper documentation is recorded.

Creates audit and monitoring reports used by the team, as directed.
The External Auditor Consultant shall deliver, but not limited to, the following:
Thoroughly assess and validate the SOX Risk Control Matrices (RCMs) for identified systems of record against Board policies. Document findings and recommendations.
Crosswalk the SOX RCMs against the TS/ Board Information Security Program (BISP) standards and procedures and document the results.
Provide recommendations, develop action plans, and help implement capabilities to improve compliance and security practices.
Document updates to compliance related policies, processes, procedures, and/or standards as directed by the compliance team.

Thanks & Regards

Shalini

Sr. Technical Recruiter
SR Talent Solution INC.

--

Keywords: information technology
11:49 PM 28-Jan-25

