IT Senior Auditor

About The Position

Requirements

• Bachelor’s degree in Information Systems , Cybersecurity, Accounting, or a related field.
• Minimum of 2 years of experience performing IT audits or IT risk assessments.
• Hands-on experience conducting IT audits in a federal or DoD environment.
• Strong understanding of risk management and internal controls across technical and administrative systems.
• Excellent written and verbal communication skills, with the ability to document and explain complex IT processes clearly.
• Strong project management and time management skills with the ability to meet tight deadlines.
• Security Clearance : Must be able to pass a basic government suitability check (US Citizenship required).
• Technical Expertise: Solid understanding of federal IT environments, including system architecture, security frameworks, and compliance standards.
• Experience auditing or working with systems such as: Mainframe systems Microsoft environments (Active Directory, Windows Server, Azure) Amazon Web Services (AWS) Oracle databases and ERP systems
• Ability to assess and document administrative and technical controls across diverse platforms.
• Familiarity with FISCAM, NIST SP 800-53, and FISMA frameworks.

Nice To Haves

• CISA certification preffered.

Responsibilities

• Lead Process Walkthroughs : Facilitate client meetings to assess IT systems, applications, and controls.
• Engage Directly with Clients : Serve as a key liaison, building trusted relationships and maintaining open, professional communication throughout the engagement.
• Identify and Communicate Risk : Analyze IT environments, pinpoint control gaps, and clearly present associated risks and recommendations.
• Defend and Support Findings : Lead discussions to support audit conclusions with evidence and detailed analysis.
• Review Audit Workpapers : Evaluate staff-prepared documentation for accuracy, completeness, and compliance with audit standards.
• Mentor and Support Staff : Provide guidance, technical direction, and feedback to junior team members to strengthen their professional development.
• Apply Federal IT Compliance Frameworks : Utilize working knowledge of federal standards and guidance, including: FISCAM (Federal Information System Controls Audit Manual) NIST SP 800-53 (Security and Privacy Controls for Federal Information Systems) FISMA (Federal Information Security Modernization Act)

Benefits

• At Castro & Company, you’ll join a team that values collaboration, growth, and integrity. We serve the Federal Government with distinction and are committed to helping our clients achieve their strategic goals while providing our people with opportunities to thrive. You’ll gain hands-on experience, mentorship, and exposure to challenging and meaningful work that supports the public good. We offer a supportive environment that encourages learning, teamwork, and professional excellence.
• Castro & Company is an Equal Opportunity Employer and considers all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability, or any other classification protected by law.