IT Security Auditor 3
IT Security Auditor 3
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Job:SCC - IT Security Auditor 3 - Both WEB AND IN PERSON IVS! (768270)
Location : 1300 e main street richmond VA
Client : State of VA
Pls make sure to highlight or BOLD (on your candidates resume) their exp with any of the REQUIRED and of DESIRED experience /skills - this helps you (and us) to determine their fit for the role.
SCCs Health Benefit Exchange division is seeking an experienced IT Auditor
ON SITE REQUIRED: Tuesday AND Thursday each week
Parking not provided for contractors
Deadline to submit Mon. 7/28 by 4 pm est pls so there is time for us the short list and forward candidates.
Pls note: The manager will conduct first round interviews on TEAMS and then require the TOP candidate in for a follow up IN PERSON (2nd) interview.
SCCs Health Benefit Exchange division is seeking an experienced IT Auditor
ON SITE REQUIRED: Tuesday and Thursday each week
Parking not provided for contractors
ABOUT THE ROLE
The SCCs Health Benefit Exchange division is seeking an experienced IT auditor to support our transition to a new security standard and strengthen our third-party risk management program. This role will help interpret and implement updated security requirements conduct audits and assessments of both internal processes and external vendors and partners evaluating controls and recommending improvements.
Responsibilities Include:
Assess current security controls and processes against new CMS IRS and SCC security standards.
Identify gaps and recommend remediation steps to achieve and maintain compliance.
Plan lead and execute development and updates to policies procedures and documentation to reflect requirements.
Design implement and train on the process for assessing partners and vendors ensuring alignment with security standards.
Develop assessment tools workflows and scoring model to evaluate and measure the effectiveness and compliance of vendor and partner security controls.
Evaluate the security posture of vendors and partners to ensure information security contractual information sharing and data sharing agreement requirements are met.
Test the effectiveness of operational and management controls using interviews document reviews and observation.
Analyze assess report and present on audit findings risk exposure and recommendations.
Support information security continuous monitoring and incident response programs.
Perform related work as required.
Audit and compliance/information security/information technology experience or combination thereof
Required
8
Years
Information Security control audit and assessment experience
Required
4
Years
NIST 800-53 or other security framework
Required
4
Years
Perform testing analysis reporting and develop remediation plans for compliance with operational and management controls
Required
4
Years
Develop and update policies procedures and documentation
Required
2
Years
Healthcare health insurance or ACA
Desired
2
Years
Industry recognized certification CISA CIA GSNA CISSP or equivalent
Thanks & Regards
Employment Type
Full-time
