About the role

Information Assurance Specialist providing audit support for cyber audits at GDIT, requiring strong cybersecurity expertise. Role involves preparation and response to external audits for government clients.

Responsibilities

Provide audit support that manages customer’s preparation for, execution of, and response to external cyber audits such as Command Cyber Operational Readiness Inspection (CCORI), Command Cyber Readiness Inspection (CCRI), Cybersecurity Service Provider (CSSP), Federal Information Security Management Act (FISMA), and Federal Information Systems Controls Audit Manual (FISCAM) audits
Ensure the Cybersecurity Operation Cell (CSOC) is prepared to successfully pass inspections and audits at all times
Review regulations, directives, guidance, grading criteria, regulations, and other documents and products as required to identify applicable cybersecurity standards and inspection criteria
Perform self-assessments of CSOC services to identify deficiencies, gaps, or other issues and provide remediation recommendations to the Chief of Cyber Readiness
Coordinate and collaborate with other Contracts, Government entities, and activities to identify and remediate any findings outside the direct control of program staff
Provide status briefings and reports to the Government on the status of findings and remediation status
Develop, update, and maintain dashboards, charts, documents, reports, and other products as required to accurately depict the customers audit readiness

Bachelor’s Degree with a minimum of 6 years demonstrated experience supporting an IC or DoD agency in an auditor role
Considerable experience preparing organizations for CCRI/CCORI, CSSP, and FISMA audits
Strong understanding of the NIST Cybersecurity Framework
Working knowledge of DOD Cybersecurity Services Evaluator Scoring Metrics (ESM) V.10
Working knowledge of DoDIN Inspection Coordination Guides
Working knowledge of DoDIN Inspection Pre-Deployment Checklists
Working knowledge of the areas of CCORI to include, but not limited to, DCO-IDM effectiveness, Traditional Security STIG checks, Contributing Factors and CND Directive scoring
Strong understanding of cybersecurity compliance policy, governance, programs, processes, and metrics
Excellent verbal and writing skills with the ability to write clear and concise assessment reports
Demonstrated experience providing briefings to an executive audience
IAT Level II certified
Willingness to obtain CSSP Auditor certification within 6 months of joining the team

a variety of medical plan options
dental plan options
vision plan
a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match
full flex work weeks where possible
a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave
short and long-term disability benefits
life insurance
accidental death and dismemberment insurance
personal accident insurance
critical illness insurance
business travel and accident insurance