Lead IT Auditor - 2624

Metro Systems is seeking a Lead IT Auditor for our client in the Mclean, VA area. 

Metro Systems is seeking a Lead IT Auditor for our client in the Mclean, VA area. This person will lead, oversee and conduct complex financial, IT or compliance audits. To provide high-level technical expertise to Sr. Internal Auditors while supporting wide-ranging Internal Audit initiatives.


  • Leads, oversees and conducts the most complex IT audits in accordance with company and industry audit standards.
    • Leads project team members on assigned tasks.
    • Edits and assembles high-quality audit reports for presentation to senior management.
    • Ensures audit standards are in compliance with IT standards published Federal/Nation Associations.
  • Manages other auditors as the auditor-in-charge to ensure timely and effective audits.
    • Oversees and evaluates changes in procedures and/or controls to verify their effectiveness.
    • Ensures audit consistency with corporate objectives by providing new procedures and/or changes of audit standards to all involved.
    • Stays informed of new IT implementations and best practices.
    • Advises management of emerging security and technical risks. 
    • Performs enterprise IT risk management assessments.
    • Coordinates external IT audits as required.
    • Assists in designing and performing data extraction and preparing data analysis reports.
    • Contributes to the continuous auditing program.
    • Assists other Internal Auditors in completing IT components of audits and completing computer assisted audit techniques.
  • Provide expertise to other Internal Auditors and other staff.
    • Provides expert technical guidance and direction to Internal Audit staff for audit standards.
    • Serves as the main liaison to the Information Services department for IT initiatives and audits with IT components.
    • Advances internal audit staff knowledge and understanding of specific IT audit standards.
    • Identifies and documents IT functional requirements including specific description of IT functions, work flow processes, input and output descriptions, procedural flows, data elements, performance criteria, and security and control requirements.
    • Provides technical expertise in determining effective security controls.
    • Provides input to the annual work program and ensures adequate coverage related to IT audits.
  • Participates as a team member in meetings and discussion groups on major projects related to the development and improvement of products and procedures.
    • Facilitates group discussions to further team goals and projects.
    • Supports internal audit initiatives by recommending improvements to products and services.
    • Provides status reports to Internal Audit management on the progress of audits and key issues raised during audit testing.
    • Maintain communication with company’s management throughout the audit process.
  • Reports on team progress to management.
    • Develops project plans for process improvement.
    • Provides information to the management to assist in setting priorities.
    • Surveys relevant audit procedures and updates for up-to-date information.

Must be fluent in auditing the following areas.

  • Information Security
  • Cloud Services
  • 3rd Party hosted services (KSP, SSAE-16 SOC 2)
  • Vendor Management
  • Patch Management
  • Application Development
  • SDLC
  • Project Management
  • Virtualization
  • Unix\Linux
  • WIndows AD
  • Firewalls
  • Business Continuity
  • Online or Mobile applications
  • Network Performance
  • Voice\Call Center Systems
  • Penetration testing\vulnerability assessments
  • Network Management
  • IT Operations


  • Experience that demonstrates knowledge and skill of information technology.
  • Experience and knowledge of information security analysis and design techniques.
  • Expert knowledge of data security practices and procedures, including risk assessment, authentication technologies, and security attack pathologies.
  • Extensive experience in project planning and resource management
  • Strong planning and organizational skills
  • Strong research, analytical, and problem solving skills
  • Strong verbal, written and interpersonal communication skills.
  • Ability to present findings and conclusions clearly and concisely.


  • Bachelor Degree in business, information systems, or related field
  • CISSP, CISA or other related Information Security and Information Technology certifications.
  • Experience in network engineering, information security, application development, systems development, business continuity, and databases.
  • Experience and knowledge in IT auditing.
  • Knowledge of programming and data extraction products such as ACL, ezTrieve, ISPF, JCL, Lotus Notes and other products.

MSI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, or national origin.