Emerging Tech is hiring multiple Cybersecurity Auditors, Subject Matter Experts (SMEs) to support a client with compliance assessments and auditing functions for state IT systems in Florida. The specialist will work as an independent reviewer in close coordination with the OCIG (Office of the Chief Inspector General).

This is a Contracted, Mid-Level position based in Tallahassee, FL, with a requirement to reside within 50 miles of Tallahassee. Periodic travel to the client site in Tallahassee, FL is required.

Core Responsibilities and Auditing Mandate

The primary focus of this role is on performing independent compliance reviews, auditing functions, and risk management activities against stringent government and federal standards.

• Compliance and Auditing: Perform IT compliance reviews and audits in accordance with government auditing standards (GAO Yellow Book).
• Risk Management: Assist in risk assessments, control testing, and compliance evaluations against state and federal standards, including NIST Cybersecurity Framework (CSF) and Florida cybersecurity standards (Rule 60GG-2, F.A.C.).
• Governance Review: Review IT policies, procedures, and system documentation for adherence to cybersecurity requirements. Provide independent recommendations to strengthen IT governance, processes, and controls.
• Reporting & Collaboration: Support the development of reports, presentations, and recommendations for CIG leadership. Collaborate with OCIG and OIG personnel to deliver audit and compliance findings.
• Data Handling: Ensure all work is conducted in compliance with laws governing sensitive data, including HIPAA, PII, FERPA, and CJIS.

Qualifications and Required Expertise

The role requires significant experience (5+ years) conducting IT audits within a government setting and expertise in specific auditing and security frameworks.

• Experience: Minimum 5+ years of experience conducting IT audits, compliance reviews, or risk management assessments in government settings.
• Education: Bachelor’s or Master’s in Computer Science, Cybersecurity, Information Technology, Information Security, or related technical fields.
• Required Standards Knowledge:
  • Working knowledge of NIST CSF and Florida cybersecurity standards under Rule 60GG-2, F.A.C.
  • Familiarity with GAO Yellow Book and IIA Red Book auditing standards.
• Data Compliance: Experience handling sensitive/restricted data in compliance with applicable laws and exemptions (HIPAA, FERPA, CJIS).
• Certifications (Preferred): Professional certifications preferred (e.g., CISSP, PMP, CEH).
• Skills: Strong analytical and communication skills with the ability to provide evidence-based recommendations.