Senior Cybersecurity Risk & Compliance Consultant
Guidehouse
Cyber Security
Senior Cybersecurity Audit Lead
Guidehouse
full-time
Posted on:
Location Type: Office
Location: Arlington • District of Columbia, Virginia • 🇺🇸 United States
Visit company websiteSalary
💰 $130,000 - $216,000 per year
Job Level
Senior
Tech Stack
Cyber Security
About the role
- Support the development of the overall technology and cybersecurity program to deliver against strategic objectives.
- Evaluate cybersecurity program effectiveness in identifying, managing, and reducing risk.
- Provide coordinated support for all aspects of the audit process, from initial scoping and planning to final reporting and remediation.
- Review audit plans to assess the adequacy of security controls designed to protect against threats and vulnerabilities.
- Supervise and mentor audit staff, coaching them to enhance their technical auditing skills.
- Review working papers, reports, and other audit documentation to ensure quality and completeness.
- Perform risk assessments to identify, manage, and mitigate cyber risks as needed.
- Ensure the agency's systems, policies, and procedures comply with federal cybersecurity mandates and frameworks, including NIST 800-53, FedRAMP, and FISMA.
- Provide input into the agency's cybersecurity policies, standards, and playbooks based on audit results and evolving regulatory requirements.
- Present complex audit findings, risks, and recommended actions to both technical staff and executive management in a clear and understandable manner.
- Influence management and stakeholders to ensure corrective action plans are created and implemented in a timely manner.
- Provide value-added insights and recommendations to improve the overall security posture and operational efficiency.
- Identify opportunities to enhance the efficiency and effectiveness of the internal audit process and methodologies.
- Evaluate the effectiveness of testing of security controls to validate closure of audit findings.
- Collaborate cross-functionally with internal analysts and engage external stakeholders to build awareness of cybersecurity risk assessment initiatives.
- Leverage AP writing style to write and communicate detailed reports to support leadership decision making.
Requirements
- An ACTIVE and MAINTAINED SECRET federal security clearance.
- Bachelor’s Degree AND NINE (9) years of relevant cybersecurity or IT audit experience, OR a Master’s Degree AND SEVEN (7) years of relevant experience.
- Team leadership or management experience within cyber security risk analysis
- Excellent verbal and written communication skills, specifically in report writing.
- Certified Information Systems Auditor (CISA) certification
Benefits
- Medical, Rx, Dental & Vision Insurance
- Personal and Family Sick Time & Company Paid Holidays
- Position may be eligible for a discretionary variable incentive bonus
- Parental Leave and Adoption Assistance
- 401(k) Retirement Plan
- Basic Life & Supplemental Life
- Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
- Short-Term & Long-Term Disability
- Student Loan PayDown
- Tuition Reimbursement, Personal Development & Learning Opportunities
- Skills Development & Certifications
- Employee Referral Program
- Corporate Sponsored Events & Community Outreach
- Emergency Back-Up Childcare Program
- Mobility Stipend
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecurity program developmentrisk assessmentaudit processsecurity controls evaluationtechnical auditingreport writingcompliance with NIST 800-53FedRAMPFISMAcybersecurity policies
Soft skills
team leadershipmentoringcommunicationinfluencingcollaborationanalytical thinkingproblem-solvingpresentation skillscoachingstakeholder engagement
Certifications
Certified Information Systems Auditor (CISA)SECRET federal security clearance
