Plan and perform audits of information systems and related processes in a multi-platform environment.
Author project security authorization packages that must comply with FISMA and NIST RMF.
Create, collect information, and maintain a security assessment Evidence Library.
Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance.
Manage delivery issues and participate in problem and change management meetings.
Participate in new system development and implementation reviews by reviewing project documentation, conducting interviews, and assessing work completed.
Ensure that development efforts comply with organizational policies, standards, and procedures, and that controls are adequately incorporated into the systems.
Requirements
Bachelor's degree and 8 years of experience, Master's degree and 6 years of experience, PhD and 1 year of experience, or equivalent combination of education and experience.
At least one IT security certification is highly preferred (Security+, CISSP, GIAC Security Essentials, SSCP, CISM, CISA).
Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management.
Strong analytical and problem-solving skills to enable effective security incident and problem resolution are essential.
Excellent knowledge of MS Word, Outlook, PowerPoint, Excel.
Working knowledge of generally applicable and accepted auditing standards and frameworks (e.g., COBIT) and best practices for IT services management (e.g., ITIL).
Benefits
Health insurance
401(k) matching
Paid time off
Merit-based annual increases
Bonus opportunities
Robust recognition program
Paid parental leave for all parents
Financial assistance with adoption expenses or infertility treatments
Financial reimbursement for education and developmental opportunities