Cyber Information Assurance Specialist

Gunnison Consulting Group•Alexandria, VA

1d•Hybrid

About The Position

This position is contingent upon a future opening with Gunnison. The Cyber Information Assurance Specialist will provide cybersecurity audit management support to ensure compliance with federal regulations, agency policies, and information assurance requirements. This role involves maintaining, updating, and developing Audit Management Standard Operating Procedures (SOPs) and related documentation. The specialist will support and coordinate various cybersecurity audits and assessments, including FISMA, High Value Asset (HVA), Inspector General (OIG), Government Accountability Office (GAO), CFO, and internal control audits. Key responsibilities include maintaining and managing audit request and response repositories, conducting independent research, gathering audit evidence, and preparing responses to auditor requests. The role also involves collaborating with stakeholders to coordinate audit activities, track findings and remediation efforts, and assist with risk management activities. Facilitating audit meetings, developing performance metrics, and supporting the preparation and submission of audit responses and reports are also crucial aspects of this position.

Requirements

US Citizenship required
Master’s degree in Information Management Systems or related field
7+ years IT/security experience, including 3+ years supporting a federal Information Security Program
Experience with FISMA, FedRAMP, FIPS, NIST SPs, RMF, CSF
Experience executing A&A, developing risk recommendations, and managing GRC programs (RSA Archer)
Certifications: CISSP and CISA (mandatory)
Ability to obtain and maintain a Public Trust clearance

Responsibilities

Provide cybersecurity audit management support to ensure compliance with federal regulations, agency policies, and information assurance requirements.
Maintain, update, and develop Audit Management Standard Operating Procedures (SOPs) and related documentation.
Support and coordinate cybersecurity audits and assessments, including FISMA, High Value Asset (HVA), Inspector General (OIG), Government Accountability Office (GAO), CFO, and internal control audits.
Maintain and manage audit request and response repositories, ensuring audit artifacts and supporting documentation are accurate, complete, and accessible to stakeholders.
Conduct independent research, gather audit evidence, and prepare responses to auditor requests in accordance with established timelines and requirements.
Collaborate with internal and external stakeholders to coordinate audit activities, collect documentation, and support remediation efforts.
Track audit findings, recommendations, corrective actions, and Plans of Action & Milestones (POA&Ms) through remediation and closure.
Assist with risk management activities by monitoring audit-related risks and supporting mitigation efforts to maintain acceptable risk levels.
Facilitate recurring audit meetings, provide status updates, and communicate audit progress, risks, and remediation activities to management and stakeholders.
Develop and maintain audit performance metrics, dashboards, and reports to measure program effectiveness and compliance status.
Support the preparation, review, and submission of audit responses, reports, and compliance documentation for leadership review.
Ensure audit deliverables, responses, and remediation activities are completed accurately and within established deadlines.