VICTORY

SOC2 & CMMC Internal Auditor Liaison

PayCompetitive
LocationRemote
Employment typeFull-Time

What's your preference?

Apply with job updates

  • Job Description

      Req#: c40fda7a39db

      You will work with our engineers, support representatives, and external auditors to:

      • Perform complex, senior-level auditing and advisory work to develop a new audit program and processes for SOC2 and Department of Defense (DOD) Cybersecurity Maturity Model Certification (CMMC) / FedRAMP.
      • Conduct research, benchmarking, examining and reviewing records & financial statements.
      • Perform data & risk analyses, identify appropriate controls, assess business processes, and evaluate management processes.
      • Manage the development of an appropriate audit scope, selection of an external auditor, and successful completion of audits annually.
      • Continuously collect operational documentation and data samples in order to close process gaps or to document accepted risk before a gap becomes a finding.
      • Maintain relationships with our external auditors to anticipate changes to audit focuses and prepare the organization for them.
      • Educate the organization about audit requirements, risk analysis and controls, and assist us with integrating best practices into our existing operational framework.
      • Identify and document corrective actions that need to be taken based on audit reports.
      • Respond to client requests for documentation of our processes and audit reports.
      • Understand and follow changes to CUECs from our partners and vendors.

      Requirements

      You have experience with:

      • Auditing in accordance with generally accepted auditing standards and risk-based internal auditing.
      • Basic information technology controls in a cloud environment.
      • Analyzing, interpreting, and summarizing data, policies, and procedures for effective performance of audit work.
      • Establishing and maintaining trust-based relationships with internal and external stakeholders.

      You should...

      • Have advanced writing and communication skills.
      • Be willing to apply your skills across our small organization, from the low level (e.g. writing process documentation) to high level (e.g. developing organizational audit plans).
      • Help us maintain the culture and values of our organization.

      It would be a plus if you have...

      • Some experience with DOD cybersecurity requirements and contracts, e.g. NIST 800-171.
      • Some experience with FedRAMP requirements.

  • About the company

      Victory delivers business evolution through technology, data-driven process and cross-disciplinary experience to create transformative solutions.

Other job opportunities

senior director of internal communications jobs remote
Internal Auditor Liaison remote jobs
More information about VICTORY