Senior Cybersecurity Assessment Analyst
About The Position
Kearney and Company is seeking a Senior Cybersecurity Assessment Analyst to join our growing team! Responsibilities include but not limited to: Analyze auditor or assessor requests, identify appropriate documentation in coordination with control owners, and review response for appropriateness and compliance Organize, monitor, and follow up on audit requests to provide timely responses Communicate delays and risks with management Review artifacts and draft FMFIA A-123 Appendix A workpapers for supervisor review Conduct A-123 walkthroughs, draft client request, communicate findings Perform review of Plans of Action and Milestones (POA&Ms) to determine sufficiency to remediate findings Perform independent verification and validation (IV&V) of audit finding remediation and clearly document results for management review Organize, monitor, and follow up on delayed audit finding remediation Exercises intermediate knowledge in the use of technologies/systems With supervisor assistance and oversight, prepare for and lead meetings with control owners Performs other consulting duties, as needed Mains all continuing Government and non-Government educational requirements, including GAGAS requirements
Requirements
- Bachelor's degree in Computer Science, Information Systems, or a related field
- Minimum 2 years of experience performing external IT security assessments or audit liaison support for external IT security assessments
- Minimum 1 year of external assessment workpaper writing experience, under CIGIE or GAGAS fieldwork requirements
- 2 years of federal client experience and requisite understanding of key NIST publications
- Ability to be onsite 2 days a week in Alexandria, VA
- Professional communication skills and clear business writing
- Ability to obtain and maintain a U.S. security clearance (requires U.S. citizenship)
Nice To Haves
- OMB A-123, OIG FISCAM, OIG FISMA assessment experience
- Diligent One, ServiceNow, ACL or HighBond experience
- Professional certification: CISSP, CISA, Security+, CC, CPA
Responsibilities
- Analyze auditor or assessor requests, identify appropriate documentation in coordination with control owners, and review response for appropriateness and compliance
- Organize, monitor, and follow up on audit requests to provide timely responses
- Communicate delays and risks with management
- Review artifacts and draft FMFIA A-123 Appendix A workpapers for supervisor review
- Conduct A-123 walkthroughs, draft client request, communicate findings
- Perform review of Plans of Action and Milestones (POA&Ms) to determine sufficiency to remediate findings
- Perform independent verification and validation (IV&V) of audit finding remediation and clearly document results for management review
- Organize, monitor, and follow up on delayed audit finding remediation
- Exercises intermediate knowledge in the use of technologies/systems
- With supervisor assistance and oversight, prepare for and lead meetings with control owners
- Performs other consulting duties, as needed
- Maintains all continuing Government and non-Government educational requirements, including GAGAS requirements
Benefits
- Medical, Dental, Vision, Life, AD&D, and Disability Insurance
- 401(k) Retirement Plan and 529 Education Savings Plan
- Flexible Spending & Health Savings Account
- Accident, Critical Illness, Hospital Indemnity Insurances
- Legal Insurance and Pet Insurance
- Employee Assistance Program, fitness and wellness benefits, and other firm benefits
- Paid holidays, vacation, and sick time
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
