SOC2 & CMMC Internal Auditor Liaison at Victory

Work set-up: 
Full Remote
Contract: 
Full time
Experience: 
Senior (5-10 years)
Work from: 
United States

Offer summary

Qualifications:

Experience in auditing according to accepted standards and risk-based internal auditing., Knowledge of IT controls in cloud environments., Strong data analysis and interpretation skills., Excellent communication and relationship-building abilities..

Key responsibilities:

  • Perform senior-level audits and develop audit programs for SOC2 and CMMC.
  • Research and review records, financial statements, and operational data.
  • Manage audit scope, coordinate with external auditors, and ensure successful audit completion.
  • Educate the organization on audit requirements and assist in integrating best practices.

VICTORY logo
VICTORY Scaleup https://victorycto.com/
51 - 200 Employees
See all jobs

Job description

You will work with our engineers, support representatives, and external auditors to:

  • Perform complex, senior-level auditing and advisory work to develop a new audit program and processes for SOC2 and Department of Defense (DOD) Cybersecurity Maturity Model Certification (CMMC) / FedRAMP.
  • Conduct research, benchmarking, examining and reviewing records & financial statements.
  • Perform data & risk analyses, identify appropriate controls, assess business processes, and evaluate management processes.
  • Manage the development of an appropriate audit scope, selection of an external auditor, and successful completion of audits annually.
  • Continuously collect operational documentation and data samples in order to close process gaps or to document accepted risk before a gap becomes a finding.
  • Maintain relationships with our external auditors to anticipate changes to audit focuses and prepare the organization for them.
  • Educate the organization about audit requirements, risk analysis and controls, and assist us with integrating best practices into our existing operational framework.
  • Identify and document corrective actions that need to be taken based on audit reports.
  • Respond to client requests for documentation of our processes and audit reports.
  • Understand and follow changes to CUECs from our partners and vendors.

Requirements

You have experience with:

  • Auditing in accordance with generally accepted auditing standards and risk-based internal auditing.
  • Basic information technology controls in a cloud environment.
  • Analyzing, interpreting, and summarizing data, policies, and procedures for effective performance of audit work.
  • Establishing and maintaining trust-based relationships with internal and external stakeholders.

You should...

  • Have advanced writing and communication skills.
  • Be willing to apply your skills across our small organization, from the low level (e.g. writing process documentation) to high level (e.g. developing organizational audit plans).
  • Help us maintain the culture and values of our organization.

It would be a plus if you have...

  • Some experience with DOD cybersecurity requirements and contracts, e.g. NIST 800-171.
  • Some experience with FedRAMP requirements.

Required profile

Experience

Level of experience: Senior (5-10 years)
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Hard Skills

Risk AnalysisAuditingPolicy AnalysisAnalyticsStakeholder CommunicationsCloud AdministrationFedRAMPCyber Defense

Other Skills

  • Writing
  • Communication
  • Relationship Building
Are you interested?

Internal Auditor Related jobs

See more Internal Auditor jobs