Insight Assurance · 2 months ago
Experienced International Compliance Auditor (HITRUST/NATO)
Insight Assurance is a global audit firm focused on transforming cybersecurity and compliance. They are seeking a highly skilled compliance auditor to assess clients' abilities to safeguard government data, ensuring adherence to complex regulatory frameworks such as HITRUST and CMMC.
Compliance · Consulting · Cyber Security
Responsibilities
Develop a comprehensive assessment plan outlining the scope, objectives, and methodology for evaluating the organization's cybersecurity practices and controls
Assess the organization's adherence to the HITRUST and CMMC frameworks by reviewing policies, procedures, and technical security controls to ensure they meet the required maturity level
Gather and analyze relevant documentation, including system configurations, security policies, incident response plans, and training materials
Engage with key personnel within the organization to understand the implementation of cybersecurity practices and gauge their familiarity with security protocols
Identify potential risks and vulnerabilities in the organization’s cybersecurity posture, determining their potential impact on safeguarding governmental data
Create detailed reports that document assessment findings, highlighting areas of compliance and non-compliance, along with recommendations for improvement
Offer expert advice and best practices to help organizations enhance their cybersecurity measures and achieve compliance with HITRUST and CMMC requirements
Conduct follow-up assessments to verify that corrective actions have been implemented, and that the organization is on track to achieve or maintain compliance
Stay updated on changes in the HITRUST and CMMC frameworks, cybersecurity threats, and mitigation strategies to provide the most relevant and effective assessments
Maintain clear communication with clients throughout the assessment process to ensure understanding and facilitate collaboration
Assist the lead assessor in gathering and evaluating assessment evidence
Evaluate the design and effectiveness of controls
Identify and communicate preliminary assessment findings for daily checkpoint meetings
Foster stakeholder relationships through proactive communication with clients, colleagues and partners
Proactively communicate with management regarding any potential issues
Qualifications
Required
CMMC Certified Professional (CCP) certification or ability to secure CCP within six months
Demonstrated experience leading compliance initiatives in regulated environments
Knowledge of CMMC and NIST
Full or dual citizenship in the U.S., Australia, a NATO member country, or South Korea
Ability to produce a valid passport
Strong analytical, communication, and collaboration skills
Bachelor's degree in accounting, business, cyber security, or management information systems
At least 3 years of experience performing IT audit engagements at a Big 4 or other audit/consulting firm
Fluency in English
Preferred
Experience using GRC and compliance automation tools (Vanta, Drata, SecureFrame)
An active RP, RPA, or CCP certification, or progress towards one
Possession of a CISA, CPA, or CISSP certification
Completion of CMMC training within the first 6 months
Possession of an approved Intermediate Certification, such as: (ISC)2 CGRC/CAP, CompTIA CASP+, CompTIA Cloud+, CompTIA PenTest+, CompTIA Security+, GIAC GSEC
Benefits
Flexible Paid Time Off and paid Holidays
Quarterly Performance Bonuses
100% Remote
Competitive salary and benefits package.
Opportunities for professional growth and development.
Collaborative and innovative work environment.
Company
Insight Assurance
Insight Assurance is a cybersecurity, risk management and compliance solutions provider.
Funding
Current Stage
Growth Stage