Cybersecurity Audit Manager (Mid)

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Assurance, Information Systems, or closely related field; or equivalent experience.
• 5+ years coordinating Federal cybersecurity audits or oversight engagements (OIG, GAO, FISMA, A‑123/FMFIA, financial statement audits).
• Demonstrated ability to manage complex audit calendars, artifacts, and multi‑stakeholder coordination under tight deadlines.
• Strong writing and communication skills to synthesize technical topics into accurate packaged responses and briefings.
• US Citizen or Green card holder
• Ability to obtain and maintain Public Trust adjudication.
• Must meet updated ID requirements: https://www.gsa.gov/technology/it-contract-vehicles-and-purchasing-programs/federal-credentialing-services/get-appointment-help/bring-required-documents
• If you do not currently meet the ID requirements outlined, you must be willing and able to update your current forms of ID in a timely manner to complete the suitability process successfully.

Nice To Haves

• PMP or FAC/PPM equivalent certification
• CompTIA Security+ (or higher DoD 8570/8140‑aligned baseline

Responsibilities

• Lead planning, coordination, and tracking of cybersecurity audits and assessments, including FISMA, OMB A‑123, FMFIA, and OIG and GAO engagements.
• Maintain the cybersecurity audit risk register, tracking risks, remediation plans, owners, milestones, and progress.
• Prepare packaged responses, corrective action plans (CAPs), audit artifacts, and closure documentation for delivery to oversight bodies.
• Develop or update audit playbooks, process documents, and guidance materials to standardize readiness and engagement execution.
• Coordinate entrance/exit conferences, walkthroughs, interviews, site visits; manage information requests and due dates.
• Support development of risk summaries, dashboards, and program‑level reporting (e.g., status of audit activities, open items, milestones).
• Monitor risks tied to High Value Assets (HVAs) and audit findings, providing periodic updates to leadership.
• Ensure coordination activities align with NIST RMF, NIST CSF, FISMA, applicable OMB guidance, and DOC cybersecurity policies.
• Track known weaknesses and recommendations to inform audit readiness and evidence planning.
• Serve as the primary liaison among OCRM, OCOS, ESOC, DOC Operating Units, auditors, and assessment teams.
• Provide clear communication, regular status updates, and issue escalation as needed to maintain schedule and quality.
• Develop concise briefings and summaries for leadership and audit stakeholders at key milestones (entrance, fieldwork, exit, close‑out).
• Utilize CSAM (GRC) as the system of record for system security documentation and status.
• Manage engagement workflow and artifacts through the DOC Audit Management System (ServiceNow); maintain request logs, evidence, and dashboards.
• Use collaboration/reporting tools (e.g., SharePoint, Excel/Power BI, MS Project) for repository management, trackers, and executive‑ready summaries.

Benefits

• Paid time off
• Healthcare benefits
• Supplemental benefits
• 401k including an employer match
• Discount perks
• Rewards
• Education reimbursement for certifications, degrees, or professional development
• Flexibility for professional growth and networking
• Happy hours
• Holiday events
• Fitness & wellness events
• Annual celebrations
• Charity galas/events