IT Audit Specialist

About The Position

Requirements

• Must be a U.S. Citizen with the ability to pass CBP background investigation, criteria will include:
• 3-year check for felony convictions
• 1-year check for illegal drug use
• 1-year check for misconduct such as theft or fraud
• College degree (B.S., M.S.) in Computer Information Systems, Finance or a related discipline
• Certifications: minimum Security+ CE or equivalent, CISSP, CISM or CISA preferred
• Professional Experience: Seven plus (7+) years related to technical experience with IT Financial Audit or FISCAM compliance
• Must be available to work onsite in Ashburn, VA one day per week.

Nice To Haves

• Experience as SAP Security Administrator
• Experience on an audit team for an IPA
• Knowledge for GRC tools to enhance compliance such as Greenlight and SAP GRC
• Experience as an Information System Security Officer (ISSO) for a system

Responsibilities

• Serve as an Internal Audit Sustainment Team member responsible for the Audit Readiness, Sustainment and Security of custom coded and COTS applications and databases.
• Responsible for activities associated with delivery of Cybersecurity technical control implementation, configuration, and architectural solutions associated with customer-defined systems/software projects; basic responsibilities include:
• Implement Technical Audit Sustainment Program strategy
• Understand and assist developers with FISCAM compliance
• Enable assurance for information security during all phases of agile system development and deployment
• Secure SAP and custom designed financial support systems
• Assess entire system lifecycle requirements and network security impacts
• Enhance – Implement Cybersecurity vulnerability/ hardening testing
• Optimize – Cybersecurity development environment certification
• Work with SAP security administrators to ensure Separation of Duties, Access Controls, and audit support functionality is incorporated into the system
• Work with the CBP Independent Public Accountant (IPA) that is auditing the system by responding to request for information (RFI)s and delivering Provided by Client (PBC) data to the auditor.
• Develop Corrective Action Plans (CAPs) in response to Notifications For Record (NFRs) received from the IPA
• Evaluate the implementation and compliance of SAP GRC by working with SAP Security Administrators
• Architect & Engineer security – develop security goals, capabilities, controls, and architecture
• Maintain security posture – audit security settings, track security training, monitor threats, track reaccreditation and assist with synchronizing efforts for compliance with FISCAM and RMF
• Continuously evaluate and recommend innovative proven best business practices and tools to enhance defense-in-depth
• Monitor and inspect for approved software usage and implementation of approved security enabled software and tools
• Works to achieve, team objectives, operational plans with measurable contribution towards the achievement of results of the job function or completion of a project.
• Assist CBP with maintaining compliance with OMB Circular A-123 supporting management responsibilities for internal controls
• Apply information security in accordance with National/DHS/CBP directives security policy
• Working knowledge of and ability to assist others in the use of information security provisioning and monitoring tools to support process improvement
• Ability to apply advanced principles, theories, and concepts, and contribute to the development of innovative IA principles and ideas
• Experience working on unusually complicated problems and providing solutions that are highly creative and ingenious, exhibiting ingenuity, creativity, and resourcefulness
• Determining how Governance Risk and Compliance Tools (SAP GRC, Greenlight, etc..) can enhance compliance
• Implementing FISCAM, RMF, and NIST security solutions
• Developing compliance solutions for OMB Circular No. A-123 (management's responsibility for internal control in Federal agencies)
• Acting independently to expose and resolve problems
• Excellent written and verbal communication skills
• Strong collaboration skills and desire to work within a team
• Highly responsible, team-oriented individual with very strong communication skills and work ethic; self-starter
• Must be available to work a hybrid schedule with an on-site requirement in Ashburn, VA.

Benefits

• Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
• We offer competitive compensation, benefits and learning and development opportunities.
• Our broad and competitive mix of benefits options is designed to support and protect employees and their families.
• At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.