
Sr. IT Cybersecurity Auditor (385499)

  • Reston, Virginia, United States

Senior IT Cybersecurity Auditor to join the Office of the CISO’s Cybersecurity Audit and Compliance team in Reston, VA. This position requires a person with hands-on Information Systems Security Engineering/Cybersecurity Engineering experience with information system security assessments, Risk Management Framework (RMF) or NIST Cybersecurity Framework implementation. They will primarily interface with the technical IT functional teams to perform cybersecurity audits, provide SME guidance in remediating discrepancies, and validate plans of actions and milestones to ensure compliance with internal standards and DFARS requirements. In this role, they will be instrumental in the building, implementation, and maturation of a comprehensive and repeatable Cybersecurity IT audit and compliance program. The Senior IT Auditor will take a proactive approach partnering and engaging with the IT functional teams to validate current and new cybersecurity compliance requirements to ensure DFARS compliance.

ESSENTIAL FUNCTIONS: (This list may not include all essential functions)

  • Responsible for conducting cybersecurity design and effectiveness assessments of BAE Systems IT Operational and Applications functional groups to ensure compliance with internal standards as informed by NIST 800-53 and 800-171 standards.
  • Validates that processes and procedures, documentation, and other supporting artifacts required for compliance are provided, are maintained by the functional team, and support compliance.
  • Manages audit plan to ensure on time performance of assessments by IT functional groups; maintains and reports weekly status.
  • Remains current on cybersecurity auditing practices, emerging threats, industry regulatory changes, and internal company policy and process changes.
  • Proactively interfaces with BAE Systems IT functional groups to enhance their understanding of the Cybersecurity controls to drive improved security compliance and management of risk, and to strengthen effectiveness of cybersecurity controls.
  • Prepares and reports on audit recommendations and ensures they are accurately tracked in audit repository.
  • Interfaces with IT functional groups to ensure their plan to remediate discrepancies is aligned with internal company IT standards; develops remediation validation plan and works with IT functional groups to validate compliance per the remediation schedule.
  • Performs other related duties and responsibilities as required.

QUALIFICATIONS:

  • Specific knowledge of NIST SP 800-171 and NIST SP 800-53 or similar security controls.
  • Working knowledge of Risk Management Framework (RMF) or NIST Cybersecurity Framework implementation.
  • General knowledge of IT Applications operations and technologies, and IT Operational services such as Network Infrastructure technologies (WAN/LAN), Cybersecurity, Active Directory, Backup & Recovery, Data Centers, Messaging, Mobile Technologies, Remote Access, Storage, Operating Systems, Virtualization Services, and IT Service Desk.
  • General knowledge of the interrelationships between IT Applications Experience articulating cybersecurity requirements and controls across technical boundaries in a clear, concise, and organized manner.
  • Specific knowledge of foundational IT processes that support an IT environment such as Change Management, Configuration Management, etc.
  • Proven ability to synthesize information from multiple sources to draw logical conclusions and support audit analysis and remediation validations.
  • Functions well both as an individual contributor and in team environments where collaboration and adaptability are important.
  • Extensive experience building productive, collaborative, and sustainable internal working relationships.
  • Demonstrated ability to handle multiple concurrent projects, meet established deadlines and quickly adapt to changing priorities, all while working under limited supervision.
  • Excellent verbal and written communication skills, ability to effectively communicate with technical and non-technical audiences.
  • Cybersecurity Certification such as:
      o Cybersecurity Analyst (CySA+)
      o Certified Information Security Auditor (CISA)
      o Certified Authorization Professional (CAP)
      o Security + CE
      o GIAC Security Essentials Certification (GSEC)
      o GIAC Systems and Network Auditor (GSNA)

8+ years of experience and increasing responsibilities in IT audit and compliance roles.


Bachelor's or Master’s degree from an accredited college or university, preferably with an emphasis in information systems, computer science, accounting, business or other related fields, and a minimum of ten (10) years of experience that is directly related to the duties and responsibilities specified.


More about us and our clients

HRU has developed a large network of available candidates nationwide, as the company has been providing recruiting and staffing services in up to 22 States for over 25 years. We specialize in engineering, IT, technical and other support services. We are able to recruit and successfully place candidates in job openings in a variety of other fields and positions as well, such as human resources, administration, management, purchasing, sales, customer service, accounting, organic chemistry and more. HRU is able to service clients, regardless of location, by assigning an Account Manager and experienced Recruiters to provide the necessary staffing and support services. Likewise, HRU may assist job seekers anywhere in the United States, regardless of location.



