INFORMATION SYSTEMS AUDITOR
K2 Group, Inc. · Arlington, VA · 21 mo ago
On-siteInformation TechnologyFull-time
About the role
This is a contingent opportunity to conduct technical cyber and communications vulnerability assessments of computer networks, other technology (OT) systems, telecommunications, and other communications systems.
Responsibilities
- Perform oversight of the development, implementation, and evaluation of IS security program policy, with a focus on integrating existing network infrastructure.
- Advises the Information System Owner (ISO), Information Data Owner (IDO), Program Security Officer (PSO), and the Delegated and/or Authorizing Official (DAO/AO) on any assessment and authorization issues.
- Evaluates Authorization packages and makes recommendations to the AO and/or DAO for authorization.
- Determines whether additional safeguards are needed based on IS threats and vulnerabilities.
- Ensures security assessments are completed and results are documented, preparing the Security Assessment Report (SAR) for the Authorization boundary.
- Initiates a Plan of Action and Milestones (POA&M) with identified weaknesses for each Authorization Boundary assessed, based on findings and recommendations from the SAR.
- Reviews and concurs with all sanitization and clearing procedures in accordance with Government guidance and/or policy.
- Affords assistance during Government compliance inspections and ensures proper and corrective measures are taken for security incidents related to cybersecurity.
- Evaluates the effectiveness and implementation of Continuous Monitoring Plans.
- Evaluates hardware and software for their security impact on Authorization boundaries.
- Represents the customer on inspection teams.
- Supports the Government with security incidents that relate to cybersecurity and ensures proper measures are taken.
- Evaluates proposed changes to Authorization boundaries' operating environment and mission needs to determine the continuation to operate.
- Assists in ensuring organizations address and conduct all phases of the system development life cycle (SDLC).
Requirements
- 5 - 7 years related experience.
- At least 3 years’ experience in SAP, SCI, or Collateral Information Systems (IS) Security and the implementation of regulations identified in the duties.
- Prior performance in the role of ISSO and ISSM.
Qualifications
- Possess a Bachelor's degree in a Computer Science, Computer Engineering, Electrical Engineering, or a related technical discipline. Alternatively, commensurate operational experience may be substituted.
- Possess IAT Level II certifications and CSSP Analyst computing environment certification as defined and described in Joint Publication 3-13 Information Operations and 3-12 Cyberspace Operations, DoDI 8500.1 and DoD 8570.01 and 8570.01-M.
Skills
- Working knowledge of computer network architecture and network diagraming.
- Working knowledge of Computer Network vulnerability/compliance analysis software.
Benefits
K2 Group’s benefit offerings include:
- Medical/Dental/Vision Insurance;
- FSA Medical & FSA Dependent Care;
- Pre-tax 401(k) & ROTH 401(k) plans;
- Profit Sharing Plan;
- Life & Accidental Death Insurance;
- Short Term/Long Term Disability;
- Voluntary Group Life Insurance option;
- Tuition Reimbursement;
- Job-related Course Reimbursement;
- Holiday Pay;
- Paid Time-Off.