Overview
Skills
Job Details
Job Title: IT Security Auditor (Hybrid)
Location: Richmond, VA (Requires both webcam interview and occasional in-person presence)
Duration: Long Term Contract
Job Overview:
We are seeking an experienced IT Security Auditor to support an organization's transition to a new security standard and enhance its third-party risk management program. The ideal candidate will play a key role in interpreting and implementing updated security requirements, conducting comprehensive audits and assessments of internal processes, as well as evaluating external vendors and partners.
Key Responsibilities:
- Assess existing security controls and processes against updated security standards (CMS, IRS, etc.).
- Identify compliance gaps and recommend effective remediation strategies.
- Lead the development and updates of security-related policies, procedures, and documentation.
- Design, implement, and train teams on processes for assessing vendor and partner security compliance.
- Develop assessment tools, workflows, and scoring models to evaluate vendor and partner controls.
- Conduct evaluations to ensure vendors and partners meet contractual and data-sharing security requirements.
- Perform control testing through interviews, documentation review, and observational analysis.
- Present audit findings, risk assessments, and remediation recommendations to stakeholders.
- Support continuous monitoring and incident response initiatives.
- Perform related tasks as required.
Required Skills and Experience:
Skill |
Audit, compliance, information security, or IT experience |
Experience in Information Security control audits and assessments |
Familiarity with NIST 800-53 or other recognized security frameworks |
Experience performing testing, analysis, reporting, and creating remediation plans |
Ability to develop/update policies, procedures, and related documentation |
Experience in healthcare, health insurance, or ACA environments |
Industry-recognized certifications (e.g., CISA, CIA, GSNA, CISSP, or equivalent) |