Current Openings
Career Links
IT Security Auditor
Date: December 28, 2012
Location: Richmond, VA
Description:
Quantum Information Systems is seeking a IT Security Auditor for a contract position in Richmond, VA
**local candidates strongly preferred
**initial phone interview will be followed by a personal interview. Candidate must be willing and able to come to Richmond, VA for the personal interview
**All candidates must be legally eligible to be hired as a state employee
Years of Experience: 4-6 years
Roles and Responsibilities:
o Audits information systems, platforms, and operating procedures in accordance with established corporate standards for efficiency, accuracy and security.
o Will perform information security audits of sensitive IT systems for compliance with COV ITRM IT Security Policy SEC500-02 and ITRM IT Security Standard SEC501-07. Audits will be conducted in accordance with the IT Security Audit Standard SEC502-02.1.
o Performing all phases of an audit from the planning, developing the audit program, preparing audit work papers, creating draft reports, to presenting audit findings to management and staff.
o Performing other audit work that may include IT, financial and compliance audits
o Preparing accurate, logical and well-referenced work papers using an audit software program (Teammate) to properly document audit procedures and results
o Serving as a resource to agency staff for internal controls and information security controls on systems
o Writing clear, organized audit reports
o Reviewing new systems to ensure that security and internal controls are implemented
Fundamental requirements:
o Qualified person to conduct IT security audits of sensitive IT systems for compliance with Commonwealth of Virginia Information Security Standards
o 5 or more years of recent IT audit experience, with emphasis in conducting security audits in the areas of risk management, contingency planning, system security, data protection, IT facilities security, personnel security, threat management, and IT asset management
o Ability to conduct IT security audits from planning through reporting phases with general supervisory guidance
o Working knowledge of the Commonwealth of Virginia Information Security Policies and Standards
o Knowledge, understanding, and experience with COBIT framework
o Familiarity with pertinent industry information technology guidelines and standards (NIST, ISO, SOX, COSO)
o Current certifications such as CPA, CIA, CISA or CISSP
o Familiarity with an audit software program such as Teammate
o Exceptional verbal and written communication skills; able to write clear, organized audit reports and communicate audit findings
o Ability to establish good working relationships with SCC staff
o Legally eligible to be hired as a state employee
o Graduate of an accredited college or university in accounting, auditing or information systems
Required skills:
o Recent IT audit experience, with emphasis in conducting security audits in the areas of risk management, contingency planning, system – 5 years
o Ability to conduct IT security audits from planning through reporting phases with general supervisory guidance – 5 years
o Working knowledge of the Commonwealth of VA Information Security Policies and Standards
o Knowledge, understanding, and experience with COBIT framework – 2 years
o Certification as CPA, CIA, CISA, or CISSP
o Familiarity with an audit software program such as Teammate – 5 years
o Graduate of an accredited college or university in accounting, auditing, or information systems
**local candidates strongly preferred
**initial phone interview will be followed by a personal interview. Candidate must be willing and able to come to Richmond, VA for the personal interview
**All candidates must be legally eligible to be hired as a state employee
Years of Experience: 4-6 years
Roles and Responsibilities:
o Audits information systems, platforms, and operating procedures in accordance with established corporate standards for efficiency, accuracy and security.
o Will perform information security audits of sensitive IT systems for compliance with COV ITRM IT Security Policy SEC500-02 and ITRM IT Security Standard SEC501-07. Audits will be conducted in accordance with the IT Security Audit Standard SEC502-02.1.
o Performing all phases of an audit from the planning, developing the audit program, preparing audit work papers, creating draft reports, to presenting audit findings to management and staff.
o Performing other audit work that may include IT, financial and compliance audits
o Preparing accurate, logical and well-referenced work papers using an audit software program (Teammate) to properly document audit procedures and results
o Serving as a resource to agency staff for internal controls and information security controls on systems
o Writing clear, organized audit reports
o Reviewing new systems to ensure that security and internal controls are implemented
Fundamental requirements:
o Qualified person to conduct IT security audits of sensitive IT systems for compliance with Commonwealth of Virginia Information Security Standards
o 5 or more years of recent IT audit experience, with emphasis in conducting security audits in the areas of risk management, contingency planning, system security, data protection, IT facilities security, personnel security, threat management, and IT asset management
o Ability to conduct IT security audits from planning through reporting phases with general supervisory guidance
o Working knowledge of the Commonwealth of Virginia Information Security Policies and Standards
o Knowledge, understanding, and experience with COBIT framework
o Familiarity with pertinent industry information technology guidelines and standards (NIST, ISO, SOX, COSO)
o Current certifications such as CPA, CIA, CISA or CISSP
o Familiarity with an audit software program such as Teammate
o Exceptional verbal and written communication skills; able to write clear, organized audit reports and communicate audit findings
o Ability to establish good working relationships with SCC staff
o Legally eligible to be hired as a state employee
o Graduate of an accredited college or university in accounting, auditing or information systems
Required skills:
o Recent IT audit experience, with emphasis in conducting security audits in the areas of risk management, contingency planning, system – 5 years
o Ability to conduct IT security audits from planning through reporting phases with general supervisory guidance – 5 years
o Working knowledge of the Commonwealth of VA Information Security Policies and Standards
o Knowledge, understanding, and experience with COBIT framework – 2 years
o Certification as CPA, CIA, CISA, or CISSP
o Familiarity with an audit software program such as Teammate – 5 years
o Graduate of an accredited college or university in accounting, auditing, or information systems