IT Program Auditor Security Clearance

Position: IT Program Auditor with Security Clearance
Job Title:

IT Program Auditor - Intermediate(Information Assurance Support Services)

Location:

San Antonio, TX

Education:

BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science or Military Training or Approved DoD 8140 cyber-related

Certifications:

GLSC or CISSP Position

Description:

The IA Security Administrator – IT Program Auditor provides oversight and audit support to ensure the DHA Domain and Directory Services Branch (DDSB) maintains compliance with DoD Risk Management Framework (RMF), DHA cybersecurity directives, and federal security policies. This role focuses on auditing IT programs, validating control effectiveness, and ensuring accurate reporting to support DHA’s accreditation and compliance posture.

Key Responsibilities:

Perform independent audits of IA and cybersecurity programs, verifying compliance with DoD cybersecurity standards, RMF controls, and DHA policies. Review and validate security documentation, accreditation packages, and RMF artifacts, ensuring accuracy, completeness, and audit readiness. Audit and assess the effectiveness of vulnerability management activities, including ACAS/eMASS asset tracking, credentialed scanning, and remediation reporting. Evaluate and document the impact of system modifications and change requests, ensuring security controls remain effective and properly recorded in DHA’s change management processes.

Support IA incident and violation audits, ensuring accurate documentation, reporting, and corrective action tracking. Prepare and deliver audit reports, compliance summaries, and executive briefings for government stakeholders, highlighting risks, remediation progress, and residual vulnerabilities. Collaborate with IA Control Assessors, Vulnerability Analysts, and Systems Administrators to align audit findings with operational risk assessments and accreditation requirements. Audit reports, compliance summaries, and findings documentation

Accreditation and risk assessment validation artifacts;eMASS/ACAS audit and tracking records o Incident and corrective action audit reports;

Executive briefings on compliance and risk posture The IT Program Auditor