
IT Audit & Controls Analyst I - RMF/FISCAM

UICGS / Bowhead Family of Companies, Baltimore, MD, United States


IT Audit & Controls Analyst I - RMF/FISCAM
Bowhead seeks an IT Audit & Controls Analyst I - RMF/FISCAM to support the AF FIAR contract at Andrews AFB, MD. The IT Audit & Controls Analyst I - RMF/FISCAM will support audit readiness efforts by assessing, testing, and sustaining IT internal controls aligned with FISCAM, NIST 800-53 (RMF), and FIAR guidance. This role focuses on validating control effectiveness, supporting remediation efforts, and ensuring IT systems and processes meet federal financial management and cybersecurity compliance requirements.

Responsibilities

Assess, document, test, and monitor IT general controls (ITGCs) and business process controls

Perform control re-testing, remediation validation, and sustainment testing following FIAR baseline assessments

Develop and maintain control documentation, test plans, and results in accordance with audit standards

Identify control gaps, deficiencies, and risks; support development of corrective actions

Draft system change requests and define requirements related to system issues (e.g., SIDs, Critical Issues, NFRs)

Support IT audit readiness efforts, including responding to auditor requests, RFIs, and findings

Maintain evidence repositories (e.g., SharePoint) to ensure audit traceability and compliance

Collaborate with IT, cybersecurity, and financial stakeholders to align controls with system functionality and mission requirements

Support IT system modernization, migration, and implementation efforts from a controls and compliance perspective

Prepare clear briefings and status reports for technical and non-technical stakeholders

Other duties as assigned

Qualifications

Bachelor’s degree in Information Systems, Computer Science, or related field (or 4+ years of relevant experience)

2+ years of experience supporting IT audit, controls testing, or compliance efforts

Experience with FISCAM and/or NIST 800-53 Risk Management Framework (RMF)

Experience documenting and testing IT controls and supporting remediation activities

Familiarity with IT system modernization, migration, or ERP implementations

Understanding of current IT and cybersecurity trends

Strong analytical, documentation, and communication skills

Preferred Qualifications

Experience with DoD or Air Force systems and environments

Familiarity with FIAR guidance and federal financial management system requirements (e.g., OMB A-127)

Knowledge of Federal Information System Controls Audit Manual (FISCAM) requirements

Experience with Oracle Federal Financials or similar ERP systems

Domain knowledge of Foreign Military Sales (FMS) or Security Cooperation processes

Physical Demands

Must be able to lift up to 25 pounds

Must be able to stand and walk for prolonged amounts of time

Must be able to twist, bend and squat periodically

Security Clearance Requirements
Must be able to maintain a security clearance at the Secret level. US Citizenship is a requirement for this contract.
