The Candidate shall provide audit support that manages the customer’s preparation for, execution of, and response to external cyber audits such as Command Cyber Operational Readiness Inspection (CCORI), Command Cyber Readiness Inspection (CCRI), Cybersecurity Service Provider (CSSP), Federal Information Security Management Act (FISMA), and Federal Information Systems Controls Audit Manual (FISCAM) audits. This includes, but is not limited to, aggregating documents and artifacts, securing the facilities and infrastructure necessary to house auditors and meetings, developing presentations, briefs, and other products as needed to brief stakeholders on audit readiness status, coordinating audit activities across the enterprise, and conducting routine internal audit assessments to ensure a continuous level of audit readiness.
Job Duties Include:
Ensure the Cybersecurity Operation Cell (CSOC) is prepared to successfully pass inspections and audits at all times; this includes but is not limited to identifying the audit criteria for CCRI/CCORI, FISMA, FISCAM, and CSSP audits
Review regulations, directives, guidance, grading criteria, regulations, and other documents and products as required to identify applicable cybersecurity standards and inspection criteria;
Perform self-assessments of CSOC services to identify deficiencies, gaps, or other issues and provide remediation recommendations to government CSOC leadership
Coordinate and collaborate with other Contracts, Government entities, and activities to identify and remediate any findings outside the direct control of the CSOC
Provide weekly and monthly status briefings and reports to the Government on the status of findings and remediation status
Develop, update, and maintain, dashboards, charts, documents, reports, and other products as required to accurately depict audit readiness
Provide input to the Weekly CSOC Status Report
Coordinate and collaborate with any internal or external stakeholders (government and contractor) as needed or directed by the government in support of this service
8+ years of experience and a Bachelor’s degree or an equivalent combination of education and relevant years of experience
Experience preparing organizations for CCRI/CCORI, CSSP, and FISMA audits
Knowledge of the NIST Cybersecurity Framework
Working knowledge of DOD Cybersecurity Services Evaluator Scoring Metrics (ESM) V.10
Working knowledge of DoDIN Inspection Coordination Guides
Working knowledge of DoDIN Inspection Pre-Deployment Checklists
Working knowledge of the areas of CCORI to include, but not limited to, DCO-IDM effectiveness, Traditional Security STIG checks, Contributing Factors and CND Directive scoring
Candidates performing audit support services shall have or obtain within six months of start a certification that is in compliance with DoDD 8140.01 and DoD 8570.01-M 1040 IAT Level II and CSSP Auditor.
Willingness to obtain CSSP Auditor certification within 6 months of joining the team
Active TS/SCI clearance with eligibility to obtain CI Poly
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.