Senior Financial Manager (Audit)

Savantage Solutions is hiring a Senior Financial Manager to support IT audit engagements and CUEC assessments. Responsibilities include identifying service providers assessing risks evaluating controls testing control effectiveness and implementing corrective actions.

Duties and Responsibilities:

• Provide Quality Assurance (QA) review of IT control documentation test plans and Key Supporting (KSD) packages prior to submission for audit or Statement of Assurance purposes.
• Support testing of IT General Controls (ITGCs) including:
  • User Access Management (provisioning de-provisioning privileged access)
  • Change Management
  • Configuration Management
  • System Interfaces and Data Transfers
• Assist in the development and execution of ITGCtest plans (Test of Design (ToE)/(Test of Effectiveness (ToE)) procedures including walkthroughs sampling and evidence validation.
• Validate completeness and accuracy of IT control populations and samples used for testing.
• Support Statement of Assurance (SoA) IT inputs including identification of IT risks mapping of IT controls to financial reporting objectives and documentation of IT control ownership.
• Assist in drafting SoA narratives and flowcharts related to IT systems including control descriptions risk statements and remediation status.
• Review SOC 1/ SOC 2 reports to identify CUEC applicable to CBDP and support mapping of SOC controls to internal CBDP IT controls and assist in documenting reliance strategies.
• Audit Engagement support including development QA review validation and submission of IT and business process documentation in response to audit prepared by client (PBC) requests.
• Review Notice of Findings and Recommendations (NFRs) and develop or recommend Corrective Action Plans (CAPs) to remediate deficiencies and weaknesses.
• Monitor and assess the implementation and validation of CAPs.
• Risk Management and Remediation to include providing expertise recommendations and industry best practices to support continuous improvements and increased feedback throughout the Audit Engagement and Audit Remediation processes to include guidance business rules and process workflows.
• Audit Remediation Data Management using information provided by stakeholders perform timely uploads or updates to CAP-related documentation in the designated audit remediation tool and provide an update to customer management.
• Perform data analytics to assess the risk of misstatement from CAPs that are not fully remediated.
• Assess remediation testing results to determine sufficiency of remediation procedures.
• Internal Controls Over Financial Systems (ICOFS) - Develop test plans to validate internal controls are in place for ICOFS/Complementary User Entity (CUECs).
• Conduct a review of Statements of Assurance (SOA) for accuracy and completeness as it relates to ICOFS. This includes providing advice and performing reviews assessments and a gap analysis to Federal Information Systems Control Audit Manual (FISCAM) requirements and NIST 800-53 standards and controls.
• Develop update and review Memorandums of Understanding (MOUs) with service providers to include CUEC roles and responsibilities.
• Plan and execute the day-to-day activities of IT audit and CUEC engagements.
• Assist with the review of work performed by other team members.

Knowledge Skill and Abilities:

• Experience performing ITGC testing (access management change management Configuration)
• Experience supporting A-123 Statement of Assurance IT requirements
• Experience with Service Organization Controls (SOC) and Complementary User Entity Control (CUEC) assessments and implementation.
• Familiarity with FISCAM NIST 800-53 and Federal financial system controls.
• Experience performing Quality Assurance reviews of audit workpapers and control documentation.
• Experience with Notice of Findings and Recommendations (NFRs) Corrective Action Plans (CAPS) Test of Operating Effectiveness (TOE) Test of Design (TOD) and Service Organization Controls (SOC) Reports
• Experience managing IT audit evidence repositories (SharePoint Teams etc.)
• Minimum 8 years experience

Education and Certifications:

• Minimum Bachelors Degree
• CISA or similar IT audit/security certification (preferred)

Compensation

$120000 - $148000 annually (based on the National Capital Region) The pay range for this job level at Savantage Solutions serves as a general guideline and is not a guarantee of compensation or salary. Factors considered when extending an offer include but are not limited to job responsibilities education experience knowledge skills certifications seniority performance and alignment with market data.

This salary range is based on the National Capital Region and reflects our good faith estimate for this role at the time of posting. Actual compensation may vary based on geographic region or market conditions and we may ultimately pay more or less than the stated range.

We are committed to providing competitive compensation and encouraging candidates from all locations to apply.

Corporate Summary:

Savantage Solutions provides a wide range of consulting systems integration and financial and project management support to federal and DoD agencies. For over two decades Savantage Solutions has partnered with organizations in both the public and private sectors to achieve innovative solutions for customers challenges.

Savantage Solutions is a woman-owned company that values diversity initiative and a commitment to learning and growing. Our philosophy is that diversity is an asset to any industry or organization and that innovation is only nurtured in an environment that embraces creativity and open minds. We thrive on the ideas and perspectives generated by a diverse workforce.

Savantage Solutions is an Equal Opportunity/Affirmative Action Employer