Job Description
Senior IT and Compliance Auditor
Job ID 818-2
Mathematica Policy Research is dedicated to improving public well-being by bringing the highest standards of quality, objectivity, and excellence to bear on information and analysis for our partners and clients. The company has been at the forefront of design and assessment of public policies and programs since 1968. Our analytic solutions have yielded actionable information to guide decisions in wide-ranging policy areas, from health, education, early childhood, and family support to nutrition, employment, disability, and international development. Join our vibrant and growing IT Services group, and make important contributions to Mathematica’s security capabilities.
We are looking for a Senior IT and Compliance Auditor to join our Information Technology Services group in either our Princeton, NJ headquarters or our Washington, D.C. office. The Senior IT and Compliance Auditor will contribute to the success of Mathematica’s security strategy through continuous improvement of Mathematica’s corporate security program, leading IT audit activity across the enterprise, and effectively communicating corporate security policies and procedures to the enterprise.
- Lead IT audit and testing of security controls for design and effectiveness, and coordinate third party initiated security assessments, such as SOC2 and client specific assessments.
- Coordinate preparation and collection of test plans, work papers, artifacts, test results and reports to management and the Board of Directors’ Audit Committee.
- Update corporate security standards and procedures and associated plans such as incident reporting and response and continuity of operations plans.
- Coordinate documentation of standard security procedures and identify opportunities to improve efficiency of procedures.
- Periodically audit internal security procedures and technology implementations to confirm continued compliance with regulatory standards, agreements and procedures.
- Manage security incident reporting and response and facilitate reporting to Security Officer.
- Support responses to client requests for information about compliance with security requirements.
- Keep up-to-date with on-premises and cloud developments related to security and make appropriate recommendations for improving in-house and cloud-hosted computer and network systems.
- Provide oversight of annual corporate security awareness training and support role-based security training.
- Bachelor’s Degree in computer programming, management information systems or other computer related field preferred. Will consider a combination of education and computer/IT skills developed through progressively responsible positions in technology or consulting roles.
- Ten years’ working experience including a minimum four years’ experience in IT audit or other role with significant security controls assessment experience and minimum four years’ experience with security and privacy domains such as FISMA, HIPAA and HITECH and frameworks such as COBIT
- Big 4 or equivalent IT audit experience a plus
- Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Security Professional (CISSP) preferred
- Knowledgeable about IT audit best practices
- Knowledgeable about on-premises and cloud-based networking, .NET and open source application development
- Accuracy with work, strong organizational skills, and attention to detail
- Excellent written and verbal communication skills
- Ability to deal tactfully and diplomatically with others
- Excellent project management skills to handle multiple priorities, sometimes simultaneously, under deadline pressure
- Ability to work independently for long periods of time
- Willingness to travel to other locations as necessary
We offer our employees a stimulating, team-oriented work environment, competitive salaries, and a comprehensive benefits package, as well as the advantages of employee ownership. We provide generous paid time off and an on-site fitness center at several locations.
As a federal government contractor, all staff working in our central ITS group with access to corporate computer systems are required to successfully undergo a background investigation or security clearance as a condition of employment.
To apply, please submit cover letter, resume and salary requirements at time of application.
Available locations: Princeton, NJ; Washington, DC
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.