It Systems Auditor Jobs

Overview:

Credence Management Solutions, LLC (Credence) is seeking a IT Systems Auditor to provide support to the Defense Logistics Agency (DLA) Procurement Integrated Enterprise Environment (PIEE) Program Management Office (PMO). This position will support and assist the PMO with assessing, supporting, and sustaining the programs overall audit readiness requirements, which includes conducting scheduled audits, recommending actions to correct deficiencies identified, monitoring progress of corrective actions, and providing support for improving and/or sustaining compliance.

Responsibilities:

• Evaluate relevant internal controls associated with the administration and operations of the program.
• Experience in developing Controls descriptions, evidentiary materials valiation and testing for SOC1 Type 2 audits.
• Identify, assess, analyze, and communicate all findings and observations.
• Review and assist the Government Lead in remediation of Potential Observations (PO).
• Coordinate the collection, review, and submission of Evidential Materials (EM) in response to Provided By Client (PBC) requests.
• Experience in providing summary reports and working papers with detailed results and actionable recommendations
• Demonstrated experience in evaluating controls within ERP systems
• Demonstrated understanding of the Federal Financial Improvement Act (FFMIA) requirements and experience applying FFMIA requirements in assessment of financial systems
• Ensure the team maintains the list of all user entities with whom the PMO has an Audit Memo of Understanding (MOU) or Memo of Agreement (MOA)
• Experience in planning, executing and reporting on information systems controls assessments and to provide support for reviewing/implementing the Management Internal Control Program (MICP).
• Collaborate with PMO Subject Matter Experts (SME) to manage ITGC internal testing. To include, but not limited to Audit Logging, Access Controls, Configuration Management, and Segregation of Duties.
• Understanding of systems development phases and related work products, including requirements and design documentation
• Perform the annual risk assessment and prepare the Risk Assessment Report (RAR) on all PIEE Information Technology General Controls (ITGC) and application controls.
• Review deviations and/or Notice of Findings (NFR) with PMO SMEs and Government Team Lead to ensure that all deviations and/or NFRs are updated in the Office of the Under Secretary (OSD) NFR Database.
• Communicates status of internal audits to the PM and PMO Functional Leads at Internal Review.
• Develop strategies to address noted findings.
• Understanding of GAO, the Federal Information Systems Controls Audit Manual and Federal Audit Manual approaches, and ability to access information system controls in areas of Security Management, Access, Configuration Management, Segregation of Duties, and application Input, Output and Processing Controls.
• Experience with Federal accounting principles: how to apply them in various accounting systems and how data can be captured and analyzed in various environments.

Qualifications:

• Five (5) years of relevant C&A experience; Risk Management Framework (RMF)
• Active Secret clearance preferred or ability to obtain a Secret clearance
• Excellent analytical and writing skills
• Certified Information Systems Auditor (CISA) (preferred)
• Knowledgeable in OMB Circulars A-123, Management’s Responsibility for Internal Control; A-127, Financial Management Systems; A-134, Financial Accounting Principles and Standards; and the Federal Information Systems Controls Audit Manual requirements
• Bachelor’s Degree in Computer Science, IT or related field
• Experience working with DoD/DLA is highly desired
• Knowledge and understanding of DOD security regulations, DISA STIGs.
• Familiarity with Federal Acquisition Regulations and the principles of being directly involved in the acquisition aspect
• Experience in assessing Information System General Controls (ITGC), security controls and conducting authorization reviews for large, complex organizations.