IT Control Manager

She Recruits. LLC

Arlington, VA

JOB DETAILS
Salary: $45–$55 Per Hour
Skills: Auditing, Best Practices, Business Processes, Corrective Action, Cross-Functional, Financial Audit, Financial Statements, Information Technology & Information Systems, Information Technology/Systems Audit, Information/Data Security (InfoSec), Risk Analysis, Risk Control Matrix, Risk Management, Strategic Planning, Technical Support, Test Design, Testing, U.S. National Institute of Standards and Technology (NIST), United States Department of Defense (DoD)
Location: Arlington, VA
Posted: 1 day ago

Job Title: IT Control Manager
Location: Hybrid - Arlington, VA (3 days onsite, 2 days remote)
Pay Rate: $45-$55/hr
Clearance Requirement: Secret Clearance

Position Overview:

We are seeking a skilled IT Control Manager to support the Environmental & Disposal Liability AAT in a hybrid role based in Arlington, VA. An AAT (Assessment and Action Team) is a cross-functional team that rapidly evaluates situations, develops strategic plans, and mobilizes resources to achieve efficient and effective outcomes. By integrating personnel, information, and resources in a centralized setting, whether physical or virtual, the team enhances coordination and accelerates results.

This role requires expertise in IT audit controls, risk mitigation, and compliance frameworks, with a strong focus on ITAC (IT Application Controls) and ITGC (IT General Controls). The ideal candidate will bring experience in testing, reviewing, and implementing corrective actions aligned with FISCAM/NIST RMF frameworks.

Key Responsibilities:
  • Identify and assess IT control risks, ensuring alignment with ITAC/ITGC best practices.
  • Develop and maintain Risk and Control Matrices (RACMs) in support of financial statement audits.
  • Conduct end-to-end IT process mapping to strengthen internal control frameworks.
  • Design, implement, and/or independently test Tests of Design (TOD) and Tests of Effectiveness (TOE) to address IT control deficiencies.
  • Leverage FISCAM, NIST RMF, and related frameworks for audit testing, control reviews, and risk mitigation strategies.
  • Evaluate and respond to issued findings, such as Non-Compliance Findings Reports (NFRs).
  • Support corrective action planning and remediation efforts for IT audit risks.
Required Qualifications:
  • Strong ability to identify and assess IT controls that mitigate ITAC/ITGC risks.
  • Demonstrated experience applying FISCAM/NIST RMF (or equivalent frameworks) in IT control testing and compliance.
  • Proven track record in designing and implementing, or independently testing, corrective actions to resolve IT audit findings.
  • Expertise in information assurance standards, including NIST RMF, NIST 800-53, FISCAM, DoDI 8500, DoDI 8510, and SSAE-18 AT-C 320.
  • Experience evaluating SOC reports to support financial statement audits.
  • Familiarity with reviewing and assessing federal audit findings and their impact on IT risk management.
Preferred Qualifications (Not Required):
  • Experience working with Federal and/or DoD clients.
  • Knowledge of business process end-to-end mapping.
  • Experience conducting federal audits that resulted in an audit opinion or disclaimer of opinion.
  • Previous involvement in DoD SSAE-18 AT-C examinations as a service auditor.
Work Location:
  • This is a hybrid role requiring the candidate to work onsite 3 days per week at either the Tysons office or a client site in the Greater DC area.

If you have a strong background in IT controls, risk assessment, and compliance within federal or DoD environments, we encourage you to apply!
