IT Auditor Richmond, VA - Hybrid 4 Days Onsite – Candidates Must be Local To Virginia Area

IT Auditor

Richmond, VA - Hybrid 4 Days Onsite Candidates Must be Local To Virginia Area

Long Term

Phone Skypes

Open to USC, H1, GC

About this Position / Responsibilities

• Security Information Gathering : Administer and review standardized information gathering (SIG) questionnaires to assess vendor security controls and conduct onsite visits for high-risk vendors to verify compliance with security practices.
• Vendor Risk Assessment : Conduct thorough initial risk assessments for new vendors to evaluate their security posture, financial stability, and compliance with regulatory requirements. Categorize vendors by risk level (low, medium, high) based on data sensitivity and system access.
• Control Testing and Evaluation : Conduct regular control testing and evaluate the design and operating effectiveness of the IT key controls environment to ensure adherence to established security policies (ITGC - Information Technology General Controls).
• Periodic audits and reviews to ensure compliance with contractual obligations and regulatory requirements.
• Policy Development and Enforcement : Enforce adherence of security policies aligned with federal standards (e.g., NIST SP 800-53) and require vendors to participate in security training programs to maintain awareness of security policies and best practices.
• Third-Party Risk : overseeing thirdparty risk management to ensure risks are identified, assessed, and mitigated, and provide regular reports to maintain transparency and accountability in the risk management process.

Qualification

Thanks & Regards

Sayantan Das

Technical Recruiter

Phone : - 1(201)5841370

sayantan@stellentit.com