Job Description
Plan and conduct testing of IT systems, controls, safeguards, and related processes in support of the annual FISMA assessment, in accordance with CMS-prescribed test protocols, procedures, and other requirements (80%)
* Document testing, systems and IT processes with flowcharts, narratives, and questionnaires as necessary
* Analyze results and assess the extent to which prescribed controls are implemented correctly, operating as intended, and producing the desired outcomes
* Identify any weaknesses or deficiencies, and develop recommendations to effectively remediate, mitigate, or eliminate weaknesses
* Coordinate and communicate clearly and effectively with management and responsible areas regarding the assessment schedule, progress, results, and recommendations
Develop and maintain current knowledge related to standards, requirements, and guidance for systems security and information technology controls, e.g. CMS ARS, CMS Business Partners Systems Security Manual (BPSSM), NIST Standards, FISCAM, DISA STIGs (10%)
Execute other duties as deemed necessary in support of FISMA assessment and Internal Audit goals and objectives. (10%)
Required Skills & Experience
Must Haves:
* 2-3 years of auditing experience
* Understands IT security controls
* Ability to analyze and test controls
* Ability to clearly communicate
* Must sit in one of the following states: Alabama, Arkansas, Florida, Georgia, Idaho, Indiana, Iowa, Kansas, Louisiana, Mississippi, Montana, Nebraska, North Carolina, South Carolina, Tennessee, Utah, West Virginia, Wisconsin, Wyoming
Nice to Have Skills & Experience
Plusses:
* Experience in Medicare or government realm
* Familiarity with FISMA
* Familiarity with DISA STIGs
* Any security certs (CISA, CISSP, etc.)
* IT focused bachelor's degree
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.