Senior Cybersecurity Audit Lead

Job Family:

Travel Required:

Clearance Required:

The cybersecurity audit lead for a federal agency is a senior position responsible for managing and executing IT security audits and assessments. The role focuses on ensuring that the agencys information systems and data are compliant with all relevant federal regulations including mandates from FISMA NIST and OMB. This involves leading a team reporting to senior management and acting as a subject-matter expert on all matters related to cybersecurity compliance and risk management.

What You Will Do:

• Support the development of the overall technology and cybersecurity program to deliver against strategic objectives. Evaluate cybersecurity program effectiveness in identifying managing and reducing risk.
• Provide coordinated support for all aspects of the audit process from initial scoping and planning to final reporting and remediation.
• Review audit plans to assess the adequacy of security controls designed to protect against threats and vulnerabilities.
• Supervise and mentor audit staff coaching them to enhance their technical auditing skills.
• Review working papers reports and other audit documentation to ensure quality and completeness.
• Perform risk assessments to identify manage and mitigate cyber risks as needed.
• Ensure the agencys systems policies and procedures comply with federal cybersecurity mandates and frameworks including NIST 800-53 FedRAMP and FISMA.
• Provide input into the agencys cybersecurity policies standards and playbooks based on audit results and evolving regulatory requirements.
• Present complex audit findings risks and recommended actions to both technical staff and executive management in a clear and understandable manner.
• Influence management and stakeholders to ensure corrective action plans are created and implemented in a timely manner.
• Provide value-added insights and recommendations to improve the overall security posture and operational efficiency.
• Identify opportunities to enhance the efficiency and effectiveness of the internal audit process and methodologies.
• Evaluate the effectiveness of testing of security controls to validate closure of audit findings.
• Collaborate cross-functionally with internal analysts and engage external stakeholders to build awareness of cybersecurity risk assessment initiatives.
• Leverage AP writing style to write and communicate detailed reports to support leadership decision making.

What You Will Need:

• An ACTIVE and MAINTAINED SECRET federal security clearance.
• Bachelors Degree AND NINE (9) years of relevant cybersecurity or IT audit experience OR a Masters Degree AND SEVEN (7) years of relevant experience.
• Team leadership or management experience within cyber security risk analysis
• Excellent verbal and written communication skills specifically in report writing.
• Certified Information Systems Auditor (CISA) certification

What Would Be Nice To Have:

• One or more of the following certifications: Certified Information Systems Security Professional (CISSP) Certified Authorization Professional (CAP) now part of the Certified in Governance Risk and Compliance (CGRC)
• Experience consulting at federal agencies such as the Department of State on cybersecurity audits and / or IT controls
• Demonstrated experience in the areas of external client-facing management and/or consulting for large firms

What We Offer:

Guidehouse offers a comprehensive total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

• Medical Rx Dental & Vision Insurance

• Personal and Family Sick Time & Company Paid Holidays

• Position may be eligible for a discretionary variable incentive bonus

• Parental Leave and Adoption Assistance

• 401(k) Retirement Plan

• Basic Life & Supplemental Life

• Health Savings Account Dental/Vision & Dependent Care Flexible Spending Accounts

• Short-Term & Long-Term Disability

• Student Loan PayDown

• Tuition Reimbursement Personal Development & Learning Opportunities

• Skills Development & Certifications

• Employee Referral Program

• Corporate Sponsored Events & Community Outreach

• Emergency Back-Up Childcare Program

• Mobility Stipend

About Guidehouse

Guidehouse is an Equal Opportunity EmployerProtected Veterans Individuals with Disabilities or any other basis protected by law ordinance or regulation.

Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.

If you have visited our website for information about employment opportunities or to apply for a position and you require an accommodation please contact Guidehouse Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @ or . Correspondence received by an applicant from any other domain should be considered unauthorized and will not be honored by Guidehouse. Note that Guidehouse will never charge a fee or require a money transfer at any stage of the recruitment process and does not collect fees from educational institutions for participation in a recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring process.

If any person or organization demands money related to a job opportunity with Guidehouse please report the matter to Guidehouses Ethics Hotline. If you want to check the validity of correspondence you have received please contact . Guidehouse is not responsible for losses incurred (monetary or otherwise) from an applicants dealings with unauthorized third parties.

Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.