Cotton & Company LLP
Cotton & Company LLP has multiple openings in the Washington, DC area for senior IT auditors with 2 to 5 years of experience performing federal information security audits. We are looking for highly motivated and detail-oriented professionals to join our federal IT audit practice. Successful candidates will serve as project team members and perform detailed work on IT security audits for DoD and civilian agencies.
Obtain, analyze, and evaluate audit evidence
Assist the manager or partner with planning work on assigned audits, system reviews, or other related engagements
Prepare audit documentation to support work performed
Assist in preparing interview write-ups and memos
Review the work of staff and provide timely and effective feedback
Obtain information on task progress from staff and report to managers and/or partners regarding task status
Report audit findings to seniors, managers, and/or partners and make recommendations for the correction of weaknesses
Conduct testing and interviews and prepare work papers, write-ups, and memos
2 to 5 years of IT audit experience
Experience planning IT audits desired
Federal Information System Controls Audit Manual (FISCAM) experience
Federal Information Security Management Act (FISMA) experience
Experience with National Institute of Standards and Technology (NIST) Federal Information Processing Standards (FIPS) and Special Publications (SP)
Detailed understanding of information security risk management concepts
Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) certification highly desired
Bachelor’s degree from an accredited college or university in Information Systems, Accounting Information Systems, Decision Support Systems, Business Information Technology, or Information Security Assurance.
Demonstrated proficiency in Microsoft's Office, specifically Excel, Access, and Word
Ability to work effectively with both a team and independently
Ability to travel up to 35 percent annually
Ability to obtain a U.S. federal security clearance (U.S. citizenship is required)
Strong understanding of large-scale information technology systems, business processes, security regulatory risk management and security vulnerabilities
Ability to apply a risk-based control framework to identify and evaluate complex business and technology risks, internal controls that mitigate risks, and related opportunities for internal control improvement
Ability to use established procedures to test IT controls and assess the design and operating effectiveness of general and application controls
At Cotton & Company, we believe that work should be both fun and intellectually challenging, while allowing for a healthy work/life balance. Our competitive compensation and benefits feature incentives such has professional certification, tuition reimbursement, and an individualized mentorship program.
You'll find that we're small enough to notice the performance of our employees and large enough to reward it. If you share our outlook and philosophies, we invite you to inquire about joining our team.
Cotton & Company is an Equal Opportunity Employer
Alexandria, Virginia, United States
Cotton & Company LLP
Website : http://www.cottoncpa.com
Cotton & Company LLP is a certified public accounting firm specializing in audit, accounting, and management services predominantly for governmental agencies and programs. Many clients are repeat clients, which we consider evidence of our outstanding and timely performance and our sustained ability to exceed client expectations.