Career Description

 

IT Auditors

 

Must be available evenings and weekends during assignments.

Perform the following IT controls assessment and audit activities:

(1) Review IT policies/procedures and perform Process Walk throughs to identify and document relevant systems, IT general controls and IT Application controls.

(2) Collect supporting client artifacts (such as system security plans, vulnerability assessment reports, etc.),

(3) map current IT controls and supporting artifacts to a predetermined IT Controls Set,

(4) develop and execute IT controls test plans in order to assess (test) the design and operational effectiveness of current IT controls & supporting artifacts against the IT Controls Set,

(5) Produce and maintain detailed work papers of control test activities and results, and

(6) Identify and document IT internal control deficiencies and provide clear and concise recommendations to client management regarding the elimination or mitigation of control deficiencies.

[Examples of IT control areas assessed/tested include security management, software change management and continuity of operations]

[Examples of the project the candidate can be assigned to include IT components of external financial statement audits, FISMA compliance audits, or SSAE 16 or 18 SOC 1 audits]

REQUIREMENTS:

The IT Auditor must:

— have two or more (2+) years of hands-on IT controls testing experience (test of design and test of effectiveness) in compliance with FISCAM or NIST SP 800-53 (in order of preference).

— have strong written and verbal communication and presentation skills

— be a motivated individual with strong work ethics

— be meticulous and detail oriented

— have a strong interest in a career in IT regulatory compliance and governance best practices

Experience:

  • FISCAM AND/OR NIST 800-53 BASED IT CONTROLS TESTING: 2 years (Required)
  • FISCAM BASED IT CONTROLS TESTING: 1 year (Preferred)
  • FEDERAL GOVERNMENT AND/OR DOD IT CONTROLS TESTING: 1 year (Required)
  • NIST 800-53 BASED IT CONTROLS TESTING: 1 year (Preferred)
  • SSAE 16 OR 18 SOC1 OR SOC2 ASSESSMENT/AUDIT: 1 year (Preferred)

Education:

  • Bachelor’s (Preferred)

License:

  • CISA (Preferred)

Sr. Linux/Windows System Administrator

 

The candidate’s roles and responsibilities include:

  • Integrates multi-level security and insider threat mitigation technologies
  • Develop infrastructure and service management concept of operations
  • Develop and maintain automation capabilities to streamline and secure technical processes
  • Administer backups and diagnose backup errors
  • Maintain strict access control to all networks and IT infrastructures
  • Manage client agents for server monitoring as well as agents for server management
  • Proactively management of infrastructure to help maintain a healthy environment
  • Provide technical leadership and mentorship to 1st and 2nd level system administrators
  • Maintain infrastructure security standards for all systems & employ security hardening techniques

Required qualifications:

  • Minimum of 4 years’ experience with the following:
  • UNIX and Linux systems
  • VMware VSphere (ESXi, vCenter, etc)
  • Systems deployment, administration, performance tuning, and monitoring
  • Cross-domain solutions
  • Hyperconverged infrastructure
  • Familiar with Window Servers, Active Directory and Group Policy
  • Network and infrastructure services such as domain controllers, global catalogs, DNS, and DHCP
  • Infrastructure backup, restore, disaster recovery and business continuity
  • Strong Window Severs, Active directory and Group Policy
  • Crossed-domain solutions
  • Multi-tenancy architecture knowledge
  • Critical thinking – ability to solve technical problems independently and with collaborative teams
  • Proven understanding of datacenter concepts and technologies
  • Ability to effectively provide direction for a multi-disciplined IT team to product infrastructure solutions for large-scale, complex systems
  • Effective written and interpersonal communication

Desired Qualifications:

  • DevOps
  • Cloud computing (AWS, Azure)
  • Experience with the following Microsoft technologies:
  • SCCM, KMS, MDT, and WSUS
  • Exchange and Lync
  • Windows Desktops (Windows XP, 7, 10)
  • Familiarity with Splunk & Centrify products
  • CompTIA Security+ certification or other industry-recognized certifications relevant to a Windows System Administrator
  • Experience with Solaris 10
  • BASH Scripting
  • ITIL Foundations and/or ITIL Service Operations

Minimum Education Required:

  • Bachelor’s Degree (Preferred)