Jr. IT Auditor
Electronic Systems, Inc.
Date: 11 hours ago
City: Annandale, VA
Contract type: Contractor
About Xerox Holdings Corporation For more than 100 years, Xerox has continually redefined the workplace experience. XIT Staffing, a division of Xerox dedicated to staffing solutions, is committed to collaborating closely with our internal clients to fulfill their staffing needs.
Our client, Virginia's largest institution of higher education, is in need of a Jr. IT Auditor for a full-time 1-year engagement to review the organization's IT systems and databases to ensure they are running properly and securely as well as improve the quality of IT systems.
Our client, Virginia's largest institution of higher education, is in need of a Jr. IT Auditor for a full-time 1-year engagement to review the organization's IT systems and databases to ensure they are running properly and securely as well as improve the quality of IT systems.
- Security Information Gathering Administer and review standardized information gathering (SIG) questionnaires to assess vendor security controls and conduct onsite visits for high-risk vendors to verify compliance with security practices.
- Vendor Risk Assessment Conduct thorough initial risk assessments for new vendors to evaluate their security posture, financial stability, and compliance with regulatory requirements. Categorize vendors by risk level (low, medium, high) based on data sensitivity and system access.
- Control Testing and Evaluation Conduct regular control testing and evaluate the design and operating effectiveness of the IT key controls environment to ensure adherence to established security policies (ITGC - Information Technology General Controls).
- Periodic audits and reviews to ensure compliance with contractual obligations and regulatory requirements.
- Policy Development and Enforcement Enforce adherence of security policies aligned with federal standards (e.g., NIST SP 800-53) and require vendors to participate in security training programs to maintain awareness of security policies and best practices.
- Third-Party Risk overseeing thirdparty risk management to ensure risks are identified, assessed, and mitigated, and provide regular reports to maintain transparency and accountability in the risk management process.
- BS (computer science, information technology, management information systems, or a related area or equivalent job experience
- Understanding of IT systems, applications, and infrastructure
- Strong attention to detail and analytical skills
How to apply
To apply for this job you need to authorize on our website. If you don't have an account yet, please register.
Post a resume