Today
Secret
Senior Level Career (10+ yrs experience)
$125,000 - $150,000
IT - Security
Remote/Hybrid•Radford, VA (Off-Site/Hybrid)
Cybersecurity Software Assurance & Audit SME
LCAT: Information Assurance Engineer - Senior
Required Certifications: CISSP and/or ISSEP
Position Overview:
This position is for a Cybersecurity Software Assurance and Audit Subject Matter Expert. This is a remote position, with limited/periodic travel to Radford, VA. This position will support both cybersecurity Software Assurance (SwA) processes and Audit support for our customers.
Position Duties:
• Lead the cybersecurity portion of Software Assurance reviews on behalf of the client and hosted customers.
• Coordinate with team members to ensure that hosted application audit logs are properly configured and collected.
• Ensure that ACAS scans for servers hosting applications are remediated or mitigated to the appropriate level by coordinating with team members.
• Review Code Scan Analysis reports for accuracy and collaborate with ISSO/ISSM to validate or create necessary POA&M documentation.
• Act as a liaison between customers and the client's teams to facilitate efficient Software Assurance reviews.
• Compile Code Review Packages for final AO/AODR approval.
• Provide cybersecurity expertise and guidance for the design, implementation, and operation of DevSecOps pipeline.
• Serve as the client's Cybersecurity Subject Matter Expert (SME) for hosted customers with financial audit requirements.
• Oversee the process of reviewing, documenting, and monitoring privileged access to systems and data.
• Ensure compliance with policies regarding privileged access and make recommendations for improvements.
• Prepare for and participate in audits conducted by internal and external audit teams.
• Provide evidence and documentation to demonstrate compliance with security policies and regulatory requirements.
• Collaborate closely with IT, security, and compliance teams to gather necessary information for audits.
• Facilitate meetings with auditors to discuss findings, answer questions, and provide clarifications.
• Document audit findings, including any identified gaps or weaknesses, and track remediation efforts.
• Generate detailed reports for management summarizing audit activities, findings, and remediation status.
Required Skills:
• Senior level Cybersecurity experience
• Strong understanding of Software Assurance processes to include DevSecOps
• Familiarity with compliance frameworks and regulatory requirements.
• Strong analytical and problem-solving skills to identify and address security issues.
• Ability to interpret complex data and make informed decisions.
• Excellent verbal and written communication skills.
• Ability to effectively communicate audit findings and recommendations to both technical and non-technical stakeholders.
• Strong understanding of privileged access management and related security best practices.
• Strong interpersonal skills to work collaboratively with internal teams and external auditors.
• Attention to detail and ability to maintain accurate and comprehensive documentation.
• Self-starter, effective time management and ability to meet audit deadlines.
• Extensive knowledge of DoD STIGs, and IA Vulnerability Management (IAVM).
• Ability to work cooperatively as a member of a team.
• Ability to interpret and apply rules, regulations, and procedures.
• Ability to gather, analyze, and present facts.
• Understanding of DOD Risk Management Framework Assessment & Authorization (RMF A&A).
Required Certifications:
• DoD 8570.01-M IAM level III certification
o CISSP and/or ISSEP
Clearance Required:
• DoD Secret
Position Location:
• This position is remote. Limited/periodic travel to Radford, VA.
Education:
• Bachelor's degree or higher in IT related field
LCAT: Information Assurance Engineer - Senior
Required Certifications: CISSP and/or ISSEP
Position Overview:
This position is for a Cybersecurity Software Assurance and Audit Subject Matter Expert. This is a remote position, with limited/periodic travel to Radford, VA. This position will support both cybersecurity Software Assurance (SwA) processes and Audit support for our customers.
Position Duties:
• Lead the cybersecurity portion of Software Assurance reviews on behalf of the client and hosted customers.
• Coordinate with team members to ensure that hosted application audit logs are properly configured and collected.
• Ensure that ACAS scans for servers hosting applications are remediated or mitigated to the appropriate level by coordinating with team members.
• Review Code Scan Analysis reports for accuracy and collaborate with ISSO/ISSM to validate or create necessary POA&M documentation.
• Act as a liaison between customers and the client's teams to facilitate efficient Software Assurance reviews.
• Compile Code Review Packages for final AO/AODR approval.
• Provide cybersecurity expertise and guidance for the design, implementation, and operation of DevSecOps pipeline.
• Serve as the client's Cybersecurity Subject Matter Expert (SME) for hosted customers with financial audit requirements.
• Oversee the process of reviewing, documenting, and monitoring privileged access to systems and data.
• Ensure compliance with policies regarding privileged access and make recommendations for improvements.
• Prepare for and participate in audits conducted by internal and external audit teams.
• Provide evidence and documentation to demonstrate compliance with security policies and regulatory requirements.
• Collaborate closely with IT, security, and compliance teams to gather necessary information for audits.
• Facilitate meetings with auditors to discuss findings, answer questions, and provide clarifications.
• Document audit findings, including any identified gaps or weaknesses, and track remediation efforts.
• Generate detailed reports for management summarizing audit activities, findings, and remediation status.
Required Skills:
• Senior level Cybersecurity experience
• Strong understanding of Software Assurance processes to include DevSecOps
• Familiarity with compliance frameworks and regulatory requirements.
• Strong analytical and problem-solving skills to identify and address security issues.
• Ability to interpret complex data and make informed decisions.
• Excellent verbal and written communication skills.
• Ability to effectively communicate audit findings and recommendations to both technical and non-technical stakeholders.
• Strong understanding of privileged access management and related security best practices.
• Strong interpersonal skills to work collaboratively with internal teams and external auditors.
• Attention to detail and ability to maintain accurate and comprehensive documentation.
• Self-starter, effective time management and ability to meet audit deadlines.
• Extensive knowledge of DoD STIGs, and IA Vulnerability Management (IAVM).
• Ability to work cooperatively as a member of a team.
• Ability to interpret and apply rules, regulations, and procedures.
• Ability to gather, analyze, and present facts.
• Understanding of DOD Risk Management Framework Assessment & Authorization (RMF A&A).
Required Certifications:
• DoD 8570.01-M IAM level III certification
o CISSP and/or ISSEP
Clearance Required:
• DoD Secret
Position Location:
• This position is remote. Limited/periodic travel to Radford, VA.
Education:
• Bachelor's degree or higher in IT related field
group id: apexsan
