Building, Factory, Bartender, Person, Worker, Luggage, Suitcase, Train, Transportation

Sr. IT Cybersecurity Auditor (385499)RestonVirginia.

Sr. IT Cybersecurity Auditor (385499)

Reston | Virginia | United States

Senior IT Cybersecurity Auditor to join the Office of the CISO’s Cybersecurity Audit and Compliance team in Reston, VA. This position requires a person with hands-on Information Systems Security Engineering/Cybersecurity Engineering experience with information system security assessments, Risk Management Framework (RMF) or NIST Cybersecurity Framework implementation. They will primarily interface with the technical IT functional teams to perform cybersecurity audits, provide SME guidance in remediating discrepancies, and validate plans of actions and milestones to ensure compliance with internal standards and DFARS requirements. In this role, they will be instrumental in the building, implementation, and maturation of a comprehensive and repeatable Cybersecurity IT audit and compliance program. The Senior IT Auditor will take a proactive approach partnering and engaging with the IT functional teams to validate current and new cybersecurity compliance requirements to ensure DFARS compliance ESSENTIAL FUNCTIONS: (This list may not include all essential functions) • Responsible for conducting cybersecurity design and effectiveness assessments of BAE Systems IT Operational and Applications functional groups to ensure compliance with internal standards as informed by NIST 800-53 and 800-171 standards. • Validates that processes and procedures, documentation, and other supporting artifacts required for compliance are provided, are maintained by the functional team, and support compliance. • Manages audit plan to ensure on time performance of assessments by IT functional groups; maintains and reports weekly status. • Remains current on cybersecurity auditing practices, emerging threats, industry regulatory changes, and internal company policy and process changes. • Proactively interfaces with BAE Systems IT functional groups to enhance their understanding of the Cybersecurity controls to drive improved security compliance and management of risk, and to strengthen effectiveness of cybersecurity controls. • Prepares and reports on audit recommendations and ensures they are accurately tracked in audit repository. • Interfaces with IT functional groups to ensure their plan to remediate discrepancies is aligned with internal company IT standards; develops remediation validation plan and works with IT functional groups to validate compliance per the remediation schedule. • Performs other related duties and responsibilities as required

QUALIFICATIONS: • Specific knowledge of NIST SP 800-171 and NIST SP 800-53 or similar security controls. • Working knowledge of Risk Management Framework (RMF) or NIST Cybersecurity Framework implementation. • General knowledge of IT Applications operations and technologies, and IT Operational services such as Network Infrastructure technologies (WAN/LAN), Cybersecurity, Active Directory, Backup & Recovery, Data Centers, Messaging, Mobile Technologies, Remote Access, Storage, Operating Systems, Virtualization Services, and IT Service Desk. • General knowledge of the interrelationships between IT Applications Experience articulating cybersecurity requirements and controls across technical boundaries in a clear, concise, and organized manner. • Specific knowledge of foundational IT processes that support an IT environment such as Change Management, Configuration Management, etc. • Proven ability to synthesize information from multiple sources to draw logical conclusions and support audit analysis and remediation validations. • Functions well both as an individual contributor and in team environments where collaboration and adaptability are important. • Extensive experience building productive, collaborative, and sustainable internal working relationships. • Demonstrated ability to handle multiple concurrent projects, meet established deadlines and quickly adapt to changing priorities, all while working under limited supervision. • Excellent verbal and written communication skills, ability to effectively communicate with technical and non-technical audiences. • Cybersecurity Certification such as: o Cybersecurity Analyst (CySA+) o Certified Information Security Auditor (CISA) o Certified Authorization Professional (CAP) o Security + CE o GIAC Security Essentials Certification (GSEC) o GIAC Systems and Network Auditor (GSNA)

8+ years of experience and increasing responsibilities in IT audit and compliance roles.


Bachelor's or Master’s degree from an accredited college or university, preferably with an emphasis in information systems, computer science, accounting, business or other related fields, and a minimum of ten (10) years of experience that is directly related to the duties and responsibilities specified.

I'm interested

Not You?

Thank you. Please complete your application on the next page.

People also viewed

Business Data Quality Engineer

378635 Herndon Virginia United States Herndon, Virginia, United States
Please note that this is not a corp to corp or remote work eligible position.HRU has teamed up with Volkswagen Group of America to find a Business Data Quality Engineer for its Herndon, VA location. This is a long-term contract position offering a...

Audi Data Science Community Lead

378629 Herndon Virginia United States Herndon, Virginia, United States
Responsibilities:·       Lead Data Science Community: Build and formalize internal data science community incl. identified members from all departments ·       Plan & meet: carry out regular internal meetings with data science community in per...

Space RF Telecom Principal Engineer

361136 Boulder Colorado United States Boulder, Colorado, United States, 80301
Leads RF Telecom Systems Engineering throughout the lifecycle of space vehicle (SV) development for major programs.  An RF telecom subsystem may be an entire communications payload or a subassembly to carry tracking, telemetry, command, and instru...

Full Stack Developer - .NET (01040)

355795 Sparta Michigan United States Sparta, Michigan, United States, 49345
Job DescriptionOur Shop Floor Systems Developers participate in all phases of the software development lifecycle and provide high-level support for our proprietary suite of mission-critical, globally deployed, highly configurable, shop floor appli...

Join our Talent Network

More about us and our clients

HRU has developed a large network of available candidates nationwide, as the company has been providing recruiting and staffing services in up to 22 States for over 25 years. We specialize in engineering, IT, technical and other support services. We are able to recruit and successfully place candidates in job openings in a variety of other fields and positions as well, such as human resources, administration, management, purchasing, sales, customer service, accounting, organic chemistry and more. HRU is able to service clients, regardless of location, by assigning an Account Manager and experienced Recruiters to provide the necessary staffing and support services. Likewise, HRU may assist job seekers anywhere in the United States, regardless of location.




Logo, Trademark
Logo, Trademark
Logo, Trademark