IT Audit Advisory Consultant/FISCAM SME

About The Position

Requirements

• Clearance: TS/SCI with polygraph (or ability to obtain SCI and pass polygraph).
• Education/Experience: Bachelor’s + 8 years relevant experience OR a Master's Degree and 6 years of relevant experience. An additional 4 years of experience may be considered in lieu of degree.
• Certification: Active Security+ (DoD 8570 IAT Level II).
• Ability to learn IT general controls (ITGC), Financial Information System Control Audit Manual (FISCAM), and National Institute of Standards and Technology Special Publication (NIST) 800-53v4
• Ability to understand IT audit finding recommendations to translate those requirements to functional/technical stakeholders
• Ability to understand business processes in order to develop and implement new controls to mitigate or remediate identified IT audit gaps
• Experience with risk analysis and assessment determinations incorporating system/mission owner, and unique operational constraints

Nice To Haves

• Clear communicator with both technical and non-technical stakeholders.
• Ability to manage and prioritize tasks independently.
• Strong written/verbal communication.
• Experience with Xacta
• Familiar with Configuration Management
• Experience with effective policy, instruction, and development for Federal or DoD Information Security Programs
• Experience with performing Security Control Assessment in compliance with NIST SP 800- 37, NIST SP 800-53, NIST SP 800-53A, and other NIST 800 guide series

Responsibilities

• Design, develop, and implement IT corrective action plans (CAPs) for self-identified deficiencies (SIDs) and external IPA findings
• Perform CAP validation testing for completed remediation activities
• Perform baseline review assessments (e.g., FISCAM) to assess system readiness and remediate identified deficiencies
• Monitor, track, and report on IT CAP statuses and third-party risk management (e.g., service providers)
• Develop risk-based approaches for prioritization of IT findings
• Perform advisory services for risk management framework (RMF) activities to support system team IT control implementations in accordance with financial management overlay
• Integrate leading practices for IT audit remediation

Benefits

• Peraton offers enhanced benefits to employees working on this critical National Security program, which include heavily subsidized employee benefits coverage for you and your dependents, 25 days of PTO accrued annually up to a generous PTO cap and participation in an attractive bonus plan.