Job Title: IT Audit Support Contractor
Location: Jackson, MS
Duration: Long term
Position Summary
Position Description and Job Skill Set
Description of the job functions the contractor will be expected to perform.
The contractor will provide audit and compliance support services to assist with preparing for, responding to, and
tracking internal and external audits. The contractor will coordinate with agency personnel, technical staff, and
documentation resources to ensure audit requirements are addressed accurately and timely.
Primary responsibilities include:
- Assist with planning, coordinating, and supporting information technology audits.
- Prepare and coordinate audit responses and evidence submissions.
- Assist with development and tracking of: Corrective Action Plans, Plans of Action and Milestones, Safeguard and
Security Reports, security assessment responses, audit status reports.
- Track audit findings through remediation and closure.
- Coordinate with business units and technical staff to obtain supporting documentation.
- Identify documentation gaps and work with other staff to facilitate development or revision of policies, standards,
procedures, and other governance documentation.
- Review submitted evidence for completeness, consistency, and compliance.
- Monitor remediation activities and provide status reporting to management
- Assist with implementation and documentation of corrective actions.
- Maintain audit documentation repositories.
- Support periodic compliance assessments and internal reviews.
- Assist with risk assessments and compliance reporting.
Required Skills/Experience
Provide the minimum required skills and/or experience the contractor must possess to qualify for this position. These
requirements will be transferred to the Score Sheet and candidates without these requirements reflected on their resume will
NOT be presented to the manager for consideration.
Demonstrated knowledge with several of the following:
- Information security governance
- IT audit processes
- Risk management
- Control assessments
- NIST Cybersecurity Framework
- Nist SP 800-53
- IRS Publication 1075
- Corrective Action Plans (CAPs)
- Plans of Action and Milestones (POA&Ms)
- Audit evidence collection
- Compliance collection
- Compliance documentation
- Security control implementation
Preferred/Not Required
Provide any skills/experience that would be helpful for the candidate to possess but not required. Examples: Previous supervisory
experience, WebLogic experience helpful, etc.
- Experience supporting IRS, SSA, or OSA audits and responses.
- CISA, CGRC, CISSP, CRISC, Security+, or equivelant certifications.