USMC Business Systems CISA, Analyst

ROLE DETAILS             

CLIENT:            United States Marine Corp (USMC)
PROJECT:           Audit Response, Coordination, Remediation, and Coaching
WORK LOCATION:     National Capital Region
WORK SITE:         Client site
LABOR CATEGORY:    Business Systems CISA I-II
CAREER LEVELS:     Analyst, Consultant, experience level dependent

CLEARANCE:                      
Must hold an active DoD Secret or higher
EDUCATION:                     
Bachelor’s degree from an accredited United States college or university in Accounting, Finance, Computer Science, Engineering, Mathematics, or Information Systems
CERTIFICATIONS:              
Active and valid Certified Information Systems Auditor (CISA) issued by the Information Systems Audit and Control Association (ISACA) that is current and in good standing
EXPERIENCE:                     
Experience supporting IT system audit readiness, IT audit reviews, IT system control documentation, or FISCAM and Risk Management Framework (RMF) implementation and sustainment capabilities for the Federal Government or Fortune 500 firm.

Candidate must have a minimum of 2-7 years of full-time (excluding internships) experience within the past 10 years of progressive experience providing accounting services to the Federal Government agencies or Fortune 500 companies.

ROLE DESCRIPTION
– Candidate will become a member of the team supporting the USMC Financial Improvement and Audit Readiness (FIAR) program’s goals to develop and sustain appropriate internal controls over its business and to achieve auditable financial statements and processes across the USMC.
– Candidate will use knowledge of GAAP and government accounting procedures, of Department of Defense (DoD) structures, processes, systems, and of the DoD planning, programming, budgeting, and execution processes to provide both strategic and tactical guidance to the team and client.

KEY TEAM OBJECTIVES:
– Collaborate with key stakeholders and process owners to evaluate internal controls, processes, and policies, develop and implement measurable, realistic, and timely remediation activities to ensure the organization has proper controls, governance, and risk management processes in place to improve the organization’s audit readiness posture.
– Mature and enhance audit infrastructure for efficient and sufficient audit response and coordination
– Provide strategic guidance and technical assistance for all phases of audit preparation and remediation
– Enhance client governance framework to ensure sustainment of financial controls per OMB A-123

ROLE RESPONSIBILITIES
General duties may include assisting the team and/or leading teams and/or task efforts to:
– Perform audit risk assessments of existing financial information technology (IT) systems and processes for adherence to guidance, regulation, law, and provide recommendations for process improvements.
– Develop test plans to validate internal controls are in place for Internal Controls Over Financial Systems (ICOFS) and/or Complementary User Entity (CUECs).
– Conduct root cause analysis on IT Observations and Notices of Findings and Recommendations (NFRs) and either incorporate new recommendations into existing Corrective Action Plans (CAPs) or begin coordinating with stakeholders to develop new CAPs.
– Conduct gap analyses pursuant to Federal Information Systems Control Audit Manual (FISCAM) requirements and NIST 800-53 standards and provide recommended process improvements to ensure FISCAM and NIST controls compliance.
– Develop, execute, and report on SOC1 and/or CUEC tests of controls design and effectiveness.
– Collaborate with client stakeholders to identify and advise management on best practices that can improve IT audit coordination.
– Develop briefs and draft data call responses, using data visualization and dash boarding, for submittal to the client senior leadership up to secretariat levels.
– Provide expert advice and support regarding OMB A-123, GAO Green Book, Fraud, Audit Support, and the AFR, including gap analyses of currently documented controls to IT risks, assessments of IT control design and operating effectiveness, and control implementation across the enterprise.
– Collaborate with stakeholder offices to identify and address deficiencies, assess sustainability, and ascertain that the root cause of the deficiency is sufficiently addressed through CAPs, and track and report milestone status throughout CAP implementation.
– Prepare CAP Validation packages and provide to the OMB A-123 Section for testing and prepare CAP Closure packages for leadership review and governance approval.
– Provide timely and accurate responses to audit-related inquiries in which client stakeholders may need clarification or status updates for audit-related deliverables.