IT Auditor

Washington Software Inc. • Washington DC-Baltimore Area
Remote
AI Summary

Join our team as an IT Auditor with 6+ years of experience to support a major federal financial regulatory agency. Evaluate security posture, operational resilience, and regulatory compliance. Plan and execute comprehensive IT compliance assessments.

Key Highlights
Financial Sector Compliance
Financial Systems Control Testing
Data Security & Privacy
Key Responsibilities
Plan and execute comprehensive IT compliance assessments
Evaluate specialized general and application controls (ITGCs)
Assess controls protecting non-public personal information (NPI)
Technical Skills Required
NIST SP 800-53
FFIEC guidelines
SQL
Benefits & Perks
100% remote flexibility
Mandatory on-site travel to Northern Virginia four times per year
Fully reimbursable business travel expenses
Nice to Have
CISA (Certified Information Systems Auditor)
CISM (Certified Information Security Manager)
CISSP (Certified Information Systems Security Professional)

Job Description


Experience Level: 6+ years of IT Audit, Information Assurance, or Federal Compliance experience


Position Overview

We are seeking an analytical, mid-level IT Auditor with 6 years of experience to join our team supporting a major federal financial regulatory agency. This position acts as a vital layer of defense, evaluating the security posture, operational resilience, and regulatory compliance of critical financial infrastructure, enterprise cloud architectures, and core applications.


This role offers 100% remote flexibility for daily duties, paired with mandatory on-site travel to Northern Virginia four (4) times per year for high-level quarterly briefing sessions, project alignment, and stakeholder strategy meetings.


Key Responsibilities
  • Financial Sector Compliance: Plan and execute comprehensive IT compliance assessments, testing, and audits aligned with FISMA, NIST SP 800-53 (Rev 5), and FFIEC (Federal Financial Institutions Examination Council) standards.
  • Financial Systems Control Testing: Evaluate specialized general and application controls (ITGCs) governing highly sensitive financial applications, general support systems (GSS), and modern cloud environments (FedRAMP).
  • Data Security & Privacy: Assess controls protecting non-public personal information (NPI), personally identifiable information (PII), and confidential supervisory information (CSI) against data governance regulations and federal privacy laws.
  • Artifact & Remediation Management: Audit and validate system security plans (SSPs), Plan of Action and Milestones (POA&Ms), and internal audit workpapers to ensure rigorous documentation in compliance with federal oversight requirements.
  • Stakeholder Reporting: Translate complex technical vulnerabilities and control gaps into high-level business risks; deliver precise, professional briefing reports and evidence to both contractor leadership and senior federal stakeholders.


Mandatory Minimum Qualifications

(Due to strict government labor category requirements, candidates must meet all minimum criteria to be considered.)

  • Experience: Minimum of 6 years of continuous, professional experience dedicated to IT audit, technology risk consulting, or information assurance.
  • Federal / Financial Frameworks: Demonstrated hands-on experience utilizing NIST SP 800-53 or NIST Risk Management Framework (RMF). Strong preference for familiarity with FFIEC guidelines, FDICIA, or Interagency Guidelines Establishing Information Security Standards.
  • Citizenship & Security: U.S. Citizenship is strictly required. Must have the immediate ability to pass a federal background investigation to secure a high-risk Public Trust clearance (or equivalent).
  • Education: Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, Accounting/MIS, or a related technical discipline.


Preferred Certifications & Technical Skills
  • Possession of one or more of the following active certifications is highly preferred:
      • CISA (Certified Information Systems Auditor)
      • CISM (Certified Information Security Manager)
      • CISSP (Certified Information Systems Security Professional)
  • Familiarity with the CISA Continuous Diagnostics and Mitigation (CDM) program or vulnerability patch management frameworks.
  • Knowledge of Identity, Credential, and Access Management (ICAM) architectures, privilege access controls, and principles of least privilege.
  • Prior experience executing or reviewing documentation within a federal banking regulator, financial agency, or top-tier financial services contractor environment.


Work Environment & Compensation
  • 100% Remote: Virtual daily operations. Must maintain a secure, professional, and private home office workspace.
  • Quarterly Travel: Commitment to travel to Northern Virginia (NoVA) four times annually. Business travel expenses are fully reimbursable under federal per diem guidelines.


