Cyber Security Auditor (TS/SCI)

Job Description

Cybersecurity Auditor

Job Site: Pentagon (on-site)

Shift Hours: Day-Shift; core support hours are 0600 -1800. You may conduct your workday in between these hours.

Overview: Seeking high-level IT Professionals to provide Cybersecurity Auditing duties including performing risk assessments, analyzing logs, and providing critical information to the leadership team in order to make important security-related decisions.

Roles and Responsibilities:

Audit components of the business including critical technology functions, infrastructure, cybersecurity, risk management, and applications across multiple repositories.

Identifies internal control standard methodologies.

Contributes to the development and execution of a continuous monitoring program for the businesses or functions covered.

Mitigates risk by following established procedures and monitoring controls, spotting key errors and demonstrating strong ethical behavior.

Report suspicious and anomalous audit findings to proper personnel, including supervisor, manager, or team.

Able to make recommendations for the timely correction of unsatisfactory conditions.

Review all relevant documents, records, reports and methods for accuracy and effectiveness.

Execute internal control testing for operations of varying complexity.

Perform audit tasks for multiple systems of moderate difficulty, demonstrating a degree of audit expertise consistent with experience level.

Prioritize and effectively plan own work activities managing multiple priorities and tasks across the team to deliver quality results.

Assist in communicating the results of audit projects to management via written reports and oral presentations.

Assist with development and maintenance of Internal Audit IT Risk Assessment.

Provides guidance to lesser experienced auditors and promotes the development of effective team relationships and functions to ensure success in the department. Coaches and mentors others on the use of various business systems, applications, and audit tools.

Independently identifies key IT controls and assesses their design and operating effectiveness.

Validates the remediation of issues and their corresponding corrective actions.

Establishes working relationships with stakeholders, teammates and Management of different levels.

Ability to communicate with System and Network SME’s for Technical assistance.

Working knowledge of SolarWinds Security Event Manager and Windows Event Log Viewer.

Knowledge of Audit and Accountability Control family per NIST SP 800-53.

Create and tailor audit reports for multiple levels of stakeholders.

Directs and performs reviews of internal control procedures and security for enhancement to current systems and new systems under development.

Ability to prepare audit finding memoranda and create working papers to ensure that adequate documentation exists to support the auditing process.

Familiar with NIST Special Publications (SP) 800-137 and NIST Special Publications (SP) 800-137A.

Ensure work is well organized with close attention to details.

Demonstrate excellent verbal and written communication skills.

Required Qualifications and Experience:

Qualified candidates must possess a TS//SCI security clearance

Security+

SolarWinds Security Event Manager (SEM)

SolarWinds Network Performance Monitor (NPM)

SolarWinds Log & Event Manager (LEM)

VMware, RHEL, Juniper, Cisco, Microsoft 2010, Microsoft server 2012/2016, NAS, Syslog

Effective communication and presentation skills (i.e., ability to present ideas effectively in formal and informal situations in group and individual settings).

Strong planning, organizational, and time management skills (i.e., ability to effectively plan, organize, and prioritize work, and to control and follow up to assure work completion).

Demonstrated initiative (i.e. initiate appropriate action without being directed) and ability to work independently.

Strong interpersonal skills (e.g., ability to work effectively on teams, communicate effectively, work/interact effectively and amicably with people from diverse backgrounds and cultures and with diverse personal attributes).

Company Description

Agensys Corporation is a small business IT Services firm headquartered in Loudoun County, Virginia. Our proven methodologies allow us to identify, attract and retain the highest quality of IT professionals. Agensys Corporation’s leadership team capitalizes in over 30 years of expertise in government and commercial sectors and is one of the fastest growing Services firms in the DC Metro Area. Our goal is to develop strong relationships with our partners to understand and exceed the needs of their unique environments.