It Auditor – Cms Data Evaluation Specialist

We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. At GDIT, cyber security is not just a singular part of our mission—it connects every one of us because it’s embedded into every aspect of what we do.

GDIT is your place. You make it your own by bringing your ideas and unique perspective to our culture. By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter.

Our work depends on an IT Auditor/Data Evaluation Specialist to support the Centers for Medicare and Medicaid Services (CMS). This individual will conduct evaluations of data, and assess the integrity, security, and compliance of IT systems and processes utilized by CMS. Your primary focus will be on evaluating the customers' information technology controls and ensuring their security and confidentiality.

HOW AN INFORMATION SECURITY ANALYST WILL MAKE AN IMPACT:

• Assess data integrity and accuracy: Evaluate the procedures and controls in place to ensure the security and integrity of the CMS data obtained by customers.
• Review security measures: Assess the security controls implemented by customers to protect CMS data from unauthorized access, modification, or disclosure. Identify vulnerabilities and recommend remediation measures.
• Perform comprehensive audits: Conduct thorough evaluations of the IT systems and processes used by customers who obtain data from CMS, ensuring compliance with applicable laws, regulations, and industry standards.
• Documentation and reporting: Prepare detailed audit reports documenting findings, recommendations, and observations. Communicate audit results to stakeholders, including management and CMS.
• Stay up to date with industry trends: Keep abreast of emerging technologies, industry best practices, and regulatory changes related to CMS data access and privacy. Apply this knowledge to enhance audit procedures and ensure compliance.
• Compliance verification: Ensure customers' compliance with CMS data sharing agreements, contractual obligations, and relevant privacy and security regulations.
• Risk assessment: Identify and assess potential risks associated with customers' IT systems, processes, and controls. Provide recommendations to mitigate risks and enhance overall compliance.

WHAT YOU’LL NEED TO SUCCEED:

• Effective communication and interpersonal skills to interact with stakeholders at all levels.
• BA/BS in information technology, computer science, or a related field (or equivalent experience), Relevant certifications (e.g., CISA, CISSP) are highly desirable,
• Familiarity with auditing frameworks and methodologies, such as COBIT, NIST 800-53, or ISO 27001. An in-depth understanding of CMS data sharing policies, procedures, and regulations (specifically Acceptable Risk Safeguards 3.1 & 5.1) is preferred, but not required.
• Proficiency in conducting risk assessments and identifying control deficiencies.
• Strong knowledge of information security principles and best practices, including access controls, network security, and data privacy.
• Ability to work independently, prioritize tasks, and meet deadlines.
• 5+ years of experience as an IT Auditor, ideally with a focus on data evaluations and compliance.
• Excellent analytical skills and attention to detail.
• In-depth understanding of CMS data sharing policies, procedures, and regulations.

SECURITY CLEARANCE LEVEL:

• Ability to obtain a Public Trust, which includes a residency requirement to have lived in the US 3 of the last 5 years.

WHAT GDIT CAN OFFER YOU:

• Collaborative teams of highly motivated critical thinkers and innovators.
• 401K with company match.
• Internal mobility team dedicated to helping you own your career.
• Ability to make a real impact on the world around you.
• Full-flex work week.

#GDITPublicHealthJobs