Process Improvement Consultant

About The Position

Requirements

• An ACTIVE and MAINTAINED TS/SCI Federal or DoD security clearance with a COUNTERINTELLIGENCE (CI) polygraph
• Bachelor’s Degree in a Business or Technical field
• ONE (1) or more years of experience in information technology, cybersecurity, and/or information assurance
• Experience in consulting with the federal government to include senior government clients
• Understanding and knowledge of federal information security and assurance laws, requirements, and guidance

Nice To Haves

• Relevant certification such as the Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM)
• Demonstrated knowledge and experience in IT risk and controls through IT audits, IT controls assessments, or IT security reviews
• Demonstrated ability and working knowledge of: FISMA, NIST SP 800 series, FISCAM, other relevant federal information assurance laws, regulations, and guidance
• Experience performing: FISMA, OMB Circular A-123, or similar internal control assessments
• Experience implementing or auditing access and account management principles, including authorization, provisioning, recertification, and separation of duties
• Experience implementing or auditing contingency planning principles, including backups, testing of backups, and alternate processing sites
• Experience implementing or auditing configuration management principles, including configuration baseline concepts, baseline deviations, baseline maintenance, change control, and monitoring, and industry-accepted configuration settings such as DISA STIGs
• Experience performing audit logging and monitoring, including generation of audit logs, use of audit log aggregation and analysis tools, and audit log monitoring and review

Responsibilities

• Performing assessments of IT controls using industry-standard guidance and leading best practices
• Conducting interviews and discussions with a variety of client stakeholders, including IT system personnel such as Information System Security Officers (ISSOs) and system administrators
• Reviewing and analyzing documents and artifacts to assist in IT controls testing such as system security plans, SOPs, audit logs, configuration scans, and vulnerability scans
• Evaluating the implementation and effectiveness of IT controls using provided artifacts against federal requirements, industry guidance, and leading best practices
• Documenting the results of IT controls testing in a consistent and high-quality manner that would allow others to review and understand the results
• Summarizing and communicating IT controls assessment results to a variety of client stakeholders, including senior leadership
• Understanding and analyzing known IT control weaknesses, identifying root causes, and developing detailed remediation plans
• Providing subject matter expertise to client personnel on a wide range of matters relating to IT security and assurance
• Responding to ad-hoc IT security-related requests from client personnel
• Planning and executing day-to-day activities of IT assessments and evaluations individually and for the team

Benefits

• Medical, Rx, Dental & Vision Insurance
• Personal and Family Sick Time & Company Paid Holidays
• Position may be eligible for a discretionary variable incentive bonus
• Parental Leave and Adoption Assistance
• 401(k) Retirement Plan
• Basic Life & Supplemental Life
• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
• Short-Term & Long-Term Disability
• Student Loan PayDown
• Tuition Reimbursement, Personal Development & Learning Opportunities
• Skills Development & Certifications
• Employee Referral Program
• Corporate Sponsored Events & Community Outreach
• Emergency Back-Up Childcare Program
• Mobility Stipend