Responsibilities
We are looking to add an experienced Compliance & Audit team lead! The candidate will develop and maintain cybersecurity plans, strategy, and policy to support and align with organizational cybersecurity initiatives and regulatory compliance.
What you will do:
- Assess all the configuration management (change configuration/release management) processes.
- Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
- Ensure that security design and cybersecurity development activities are properly documented (providing a functional description of security implementation) and updated as necessary.
- Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals.
- Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
- Review existing and proposed policies with stakeholders.
- Analyze organizational cyber policy.
- Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
- Prepare a plan of action and milestones based on the findings and recommendations of a security assessment report excluding any remediation actions taken.
- Update a security plan, security assessment report, and plan of action and milestones based on the results of a continuous monitoring process.
- Review, conduct, or participate in audits of cyber programs and projects.
- Develop processes with the external audit group on how to share information regarding the continuous monitoring program and its impact on security control assessment.
- Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing.
- Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions.
- Review or conduct audits of information technology (IT) programs and projects.
- Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
- Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
Qualifications
Required Qualifications:
- Bachelor’s degree with 10 years of experience as a security architect/engineer, audit and compliance or IT. Additional years of experience may be accepted in lieu of the degree.
- Experience in conducting audits or reviews of technical systems.
- Experience in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system.
- Experience in applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Experience in reviewing & applying policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities.
- Experience in developing plans, policy, standard operating procedures, playbooks, reports, ROEs, and guides
- Must be a US Citizen
- Must be able to obtain and maintain the required agency clearance
Desired Qualifications:
- Ability to work with internal and external teams to define requirements, specify architectures, complete detailed designs, and oversee implementation
- Ability to work directly with executive level client leaders
- Proven project manager with strong organizational skills
- Excellent analytical, problem solving, and decision-making skills
- Excellent written communication skills
- Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism
- Excellent teamwork skills
Benefits:
At Peraton, our benefits are designed to help keep you at your best beyond the work you do with us daily. We’re fully committed to the growth of our employees. From fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way.
Peraton Overview
Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our employees do the can’t be done, solving the most daunting challenges facing our customers.
Range for Posting
Salary Minimum: $72,500. Salary Mid: $145,000. Salary Maximum: $181,300. The estimate displayed represents the typical salary range for this position, and is just one component of Peraton's total compensation package for employees. Other rewards may include annual bonuses, short- and long-term incentives, and program-specific awards. In addition, Peraton provides a variety of benefits to employees.
An Equal Opportunity Employer including Disability/Veteran.