IT Security Risk Auditor

Equiliem
Lexington, MA, United States
Full-time

Our client has an opening for an IT Security Risk Auditor onsite in Lexington, MA.

Applicants must be eligible to obtain a Top Secret security clearance.

The IT Security Risk Auditor is responsible for maintaining and auditing programs to validate compliance with various government regulations and client Information Security policies.

The position is responsible for conducting comprehensive assessments of the management, operation, monitoring and technical security controls employed within or inherited by Information Systems to determine the overall effectiveness of the controls (i.e. the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome) with respect to meeting the security requirements of the Authorization to Operate (ATO) or other government regulation or contractual requirement for the system and for the ability to conduct open source and internal research to identify current threat indicators, exploits, and vulnerabilities.

Requirements:

  • Bachelor's degree in Computer Science, Information Technology, Computer Information Systems, or related field is required with a minimum of seven (7) years' experience conducting risk assessments.
  • Experience in compliance auditing, security reviews, or vulnerability assessments.
  • Technical experience and skills, course work completed toward a degree, and industry IT certifications (i.e. CISSP, CISA) may be considered substitutes for education and experience.
  • Candidate must possess an in-depth knowledge of information security principles and policies such as Risk Management Framework (RMF) as presented by the National Institute of Standards and Technology (NIST), NIST SP 800-171 and Security Technical Implementation Guides (STIGs).
  • The ability to read, understand and apply government regulations, policies and procedures such as the National Industrial Security Program Operating Manual (NISPOM), 32 CFR Part 117, FAR / DFARS Safeguarding CUI series (252.204-7012, etc.), and computer security principles and policies, to include Security Technical Implementation Guides (STIGs), NIST 800-53 / Risk Management Framework (RMF) and NIST SP 800-171.

Working experience directly related to Assessment and Authorization using any of the following:

o NIST 800-53 / Risk Management Framework (RMF)

o Joint Special Access Program (SAP) Implementation Guide

o NIST SP 800-171 Understanding of CMMC Framework

o National Industrial Security Program Operating Manual (NISPOM) Chapter 8

Preferred:

  • Information Assurance certifications preferred (CISSP / CISA, Security+, CCP / CCA, or other industry-recognized certification that validates knowledge in Cybersecurity framework or equivalent).