NMCC Systems Auditor

TekSynap•Arlington, VA

1d•Onsite

About The Position

We are seeking a NMCC Systems Auditor to join our team supporting AFNCR (Air Force National Capital Region) in Arlington, VA. The Systems Auditor will perform Cybersecurity Auditing duties including performing risk assessments, analyzing logs, and providing critical information to the leadership team to make important security-related decisions within the National Military Command Center. The AFNCR IT Services program provides support services for information systems for Headquarters Air Force (HAF), Air Force District of Washington (AFDW), Office of the Secretary of Defense (OSD), Joint Chiefs of Staff, and other Air Force activities within the AFNCR, missions to include the Pentagon, Joint Base Andrews (JBA), Joint Base Anacostia-Bolling (JBAB), and other locations, leased spaces, and alternate sites. The major support areas required are: IT Operations and Maintenance; Plans, Projects, and Engineering (PP&E); and National Military Command Center (NMCC). The senior leaders and national defense missions that are supported require that the AFNCR operations never fail, resulting in a fast-paced, challenging, but also rewarding environment. TekSynap is a fast growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. “Technology moving at the speed of thought” embodies these principles – the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers. We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays. Visit us at www.TekSynap.com. Apply now to explore jobs with us! The safety and health of our employees is of the upmost importance. Employees are required to comply with any vaccination requirements mandated by contract, applicable law or regulation. By applying to a role at TekSynap you are providing consent to receive text messages regarding your interview and employment status. If at any time you would like to opt out of text messaging, respond "STOP". As part of the application process, you agree that TekSynap Corporation may retain and use your name, e-mail, and contact information for purposes related to employment consideration.

Requirements

Active TS/SCI clearance.
Active IAT II certification (i.e. Comptia Security+).
5+ years of related experience performing in roles such as System/Network Administrator or ISSO.
A bachelor’s degree in computer information systems/technology, or a related field. Education and experience requirements may be substituted with:
A master’s degree (in subjects described above) and 3 years of specialized experience and the ability to attain a Security+ce or equivalent DoD 8570 IAT level II certification within 6 months.
No degree but 10 years of intensive and progressive experience demonstrating the required proficiency levels related to the tasks and a current Security+ce or equivalent DoD 8570 IAT level II certification.
Experience utilizing the Elastic Stack to perform log analysis, user activity tracking, and asset visibility.
Windows,VMware, RHEL, Juniper, and Cisco device log monitoring and integration experience.
Effective communication and presentation skills (i.e. ability to present ideas effectively in formal and informal situations in group and individual settings).
Strong planning, organizational, and time management skills (i.e. ability to effecitvely plan, organize, and prioritize work, and to control and follow up to assure work completion).
Demonstrated initiative (i.e. initiate appropriate action without being directed) and ability to work independently.
Strong interpersonal skills (i.e. ability to work effectively on teams, communicate effectively, work/interact effetively and amicably with people from diverse backgrounds and culutures and with diverse personal attributes).

Nice To Haves

8+ years of experience in cybersecurituy policies and implementation or Risk Management Framework (RMF): DAAPM. CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series.
Experience developing and managing strong relationships with partners (internal and external), government customers, and representatives.

Responsibilities

Audits components of the business including critical technology functions, infrastructure, cybersecurity, risk management, and applications across multiple repositories.
Identifies internal control standard methodologies.
Contributes to the development and execution of a continuous monitoring program for the businesses or functions covered.
Mitigates risk by following established procedures and monitoring controls, spotting key errors, and demonstrating strong ethical behavior.
Reports suspicious and anomalous audit findings to proper personnel, including supervisor, manager, or team.
Able to make recommendations for the timely correction of unsatisfactory conditions.
Reviews all relevant documents, records, reports and methods for accuracy and effectiveness.
Executes internal control testing for operations of varying complexity.
Performs audit tasks for multiple systems of moderate difficulty, demonstrating a degree of audit expertise consistent with experience level.
Prioritizes and effectively plans own work activities, managing multiple tasks across the team to deliver quality results.
Assists in communicating the results of audit projects to management via written reports and oral presentations.
Assists with the development and maintenance of Internal Audit IT Risk Assessment.
Provides guidance to lesser experienced auditors and promotes the development of effective team relationships and functions to ensure success in the department.
Coaches and mentors’ others on the use of various business systems, applications, and audit tools.
Independently identifies key IT controls and assesses their design and operating effectiveness.
Validates the remediation of issues and their corresponding corrective actions.
Establishes working relationships with stakeholders, teammates, and Management of different levels.
Ability to communicate with System and Network SMEs for Technical assistance.
Working knowledge of Linux and Windows logging.
Knowledge of Audit and Accountability Control family per NIST SP 800-53.