IT Security Auditor

This position functions as a team member, reviewing the FedRAMP requirements and determining the process for collecting and evaluating the current client policies, processes and procedures, enabling the creation of the required FedRAMP documentation.
This position will work on the CTO's team to develop, enhance and maintain documentation required for the FedRAMP certification and continuous monitoring process. This individual will be working with Infrastructure and Operation's (I & O) Audit and Compliance unit to review and interpret FedRAMP controls, enhance existing and develop new standards, policies, and procedures, that meet FedRAMP program requirements. This process includes the collection all information needed to achieve initial accreditation, as well as continuous maintenance of required documentation, ensuring the information remains current and is aligned with both the SOM cloud environment, and FedRAMP program. This will include but is not limited to researching and reviewing, establishing best practices, writing documentation and other manuals and materials, and outlining roles and responsibilities required for the broader FedRAMP readiness process.
This individual will be working with client technical staff throughout I & O, Cyber Security, Enterprise Architecture and other technical teams, to transfer their systems drawings, runbooks and technical documents into FedRAMP appropriate formats. Overseeing the writing, editing, publishing and distribution of FedRAMP specific audit documents, documenting compliance processes, audit team roles and responsibilities, and audit policies needed to operationalize the FedRAMP continuous monitoring documenting compliance processes, audit team roles and responsibilities, and audit policies needed to operationalize the FedRAMP continuous monitoring. Ensuring timely completion and consistent formatting of these documents will be a primary function of the position. The resource will be required to participate in weekly technical workshops, project team meetings and 1x1 meetings with team members.
Resources are required to familiarize themselves with both the FedRAMP program, and the types of documentation required for FedRAMP readiness before starting the work at State office. This overview is critical to the candidate's ability to establish realistic expectations of the scope and type of documentation and work which accompanies the FedRAMP accreditation process. Please visit the following sites for more details:



Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

IT Security Auditor 1 - GRC Consultant (Job ID...
Lansing, MI Computer Consultants International
IT Security Auditor 1 (Job ID: 500088)
Lansing, MI Computer Consultants International
IT Security Specialist
Lansing, MI IBS LLC
IT Security Architect
Lansing, MI IBS LLC
IT Security Analyst
Kalamazoo, MI WMU Homer Stryker M.D. School of Medicine