Audit Lead - Information Security
This company is a rapidly growing information security and information technology company in Washington, DC. We are looking to hire an Information Security and Privacy Audit Lead to provide a full range of audit, compliance and risk analysis services on a long term contract in Baltimore, MD. The position is full time/permanent and supports a US Government civilian agency. The position is available immediately upon finding a well-qualified candidate with the appropriate background clearance.
- Familiarity with the Federal Information Security Modernization Act (FISMA) and associated annual and quarterly reporting requirements.
- 2 to 4 years of Audit experience.
- Possesses a strong understanding of the NIST Special Publication 800-53 security and privacy controls, the NIST Cybersecurity Framework and other information security and privacy laws and regulations.
- Experience with development and writing of risk-based documentation.
- Strong communication ability across all levels of management.
- Ability to coordinate artifact requests associated with various audits across multiple stakeholders and organizations.
- BS degree or other four year college degree, or equivalent work experience
- CIPP/US, CIPP/G, CISSP, CISM, or CISA preferred
- Ability to obtain and hold a government Security clearance
- Must be a U.S. citizen
Additional Experience Preferred:
- 4 to 6 years of Audit experience.
- Experience with Federal agencies/Federal contract work.
- Experience with FISMA annual and quarterly audit.
- Experience supporting large and complex audits, inclusive of working with multiple stakeholders, coordinating the collection, review and analysis of artifacts and delivery to management.
- Possesses an intermediate understanding of IT security systems, architecture, and network topologies.
- Experience working with an automated GRC tool (e.g. RSA Archer, CSAM).
- Has led small teams (2-5 staff).
- Experience with SharePoint or similar database/document management tools.
Provide audit liaison support for a federal government agency by leveraging subject matter expertise to interpret audit requirements, evaluate artifacts, and respond to audit requests. Coordinate with various external auditors (GAO, OIG, HHS, DHS) on the collection, review/analysis and submission of artifact requests. Issue data calls to internal agency stakeholders to collect artifacts and follow up with stakeholders as necessary to drive the audit to closure. Develop the annual and quarterly FISMA reports to submit to the government task lead for review and ultimate submission to Congress. Prepare and deliver quarterly briefings to executive management.
- Support each audit engagement by collaborating with agency audit liaisons and stakeholders.
- Research and write audit responses; determine the right credible stakeholder(s) to respond to audit requests. Document results.
- Provide guidance to members of the audit team.
- Assist with the maintenance and management of an audit database to track and monitor audit requests and responses that is accessible by multiple stakeholders.
- Assist with the maintenance and management of a findings list and follow the plan(s) of action and milestones through remediation and
- Maintain metrics and provide reporting on the progression of an audit.
- Draft the executive summary for the annual FISMA report.
- Attend FISMA Working Group Meetings and any other audit related meetings, as applicable.
- Support ad-hoc audit requests as necessary.
Pay: $110,000 to $120,000/year
Job Status: Full Time