It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
The Security IT Audit Specialist will serve the Defense Security Cooperative Agency (DSCA) as an Internal Audit Sustainment Team member responsible for the Audit Readiness, Sustainment and Security of custom coded and COTS applications and databases. This position will be responsible for activities associated with delivery of Cybersecurity technical control implementation, configuration and architectural solutions associated with customer-defined systems/software projects.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Essential duties and responsibilities include the following. Other duties may be assigned.
Responsible for the integration of CNI Core Competencies into daily functions, including: commitment to integrity, knowledge/quality of work, supporting financial goals of the company, initiative/motivation, cooperation/relationships, problem analysis/discretion, accomplishing goals through organization, positive oral/written communication skills, leadership abilities, commitment to Affirmative Action, reliability/dependability, flexibility and ownership/accountability of actions taken.
Demonstrates agile methodology experience to join our DSCA project team.
As a member of the DSCA Cyber Team, supports the men and women charged with safeguarding the American people and enhancing the Nation’s safety, security and prosperity. CBP agents and officers are on the front lines, every day, protecting our national security by combining customs, immigration, border security and agricultural protection into one coordinated and supportive activity.
Demonstrates both strong application and network security delivery skills needed to have a deep technical understanding of Cybersecurity and financial audit practices. Works as an integral part of a highly productive team of seasoned technical professionals who thrive on supporting our customer's mission and growth objectives.
Responsible for designing, developing, leading and implementing secure application and infrastructure capabilities for a variety of legacy and modernized systems and applications.
Works in close collaboration with software developers/engineers, quality assurance engineers, stakeholders, and end users within Agile Engineering processes. Demonstrates a working knowledge of enterprise class information assurance requirements, FISCAM, and network security and survivability.
Responsible for supporting development of a spectrum of engineering artifacts that adequately but succinctly capture system security requirements, application and network security design, and network security architecture.
Responsible for ensuring that all assigned work activities are performed in a timely, secure, compliant and cost-effective manner while maintaining the highest quality of performance.
Implements Technical Audit Sustainment Program strategy.
Understands and assists developers with FISCAM compliance.
Enables assurance for information security during all phases of agile system development and deployment.
Secures DSCA and custom designed information support systems.
Assesses entire system lifecycle requirements and network security impacts.
Enhances the implementation of Cybersecurity vulnerability / hardening testing.
Optimizes the Cybersecurity development environment certification.
Works with DSCA security administrators to ensure Separation of Duties, Access Controls, and that audit support functionality is incorporated into the system.
Works with the DSCA Independent Public Accountant (IPA) that is auditing the system by responding to requests for information (RFIs) and delivering Provided by Client (PBC) data to the auditor.
Develops Corrective Action Plans (CAPs) in response to Notifications For Record (NFRs) received from the IPA.
Evaluates the implementation and compliance of DSCA GRC by working with DSCA Security Administrators.
Architect & Engineer security – develops security goals, capabilities, controls and architecture.
Maintains security posture – audits security settings, tracks security training, monitors threats, tracks reaccreditation and assists with synchronizing efforts for compliance with FISCAM and RMF.
Continuously evaluates and recommends innovative proven best business practices and tools to enhance defense-in-depth.
Monitors and inspects for approved software usage and implementation of approved security enabled software and tools.
Works to achieve team objectives and operational plans, with measurable contribution towards the achievement of results of the job function or completion of a project.
Assists CBP with maintaining compliance with OMB Circular A-123 supporting management responsibilities for internal controls.
Applies information security in accordance with National/DSCA directives security policy.
Responsible for aiding in own self-development by being available and receptive to all training made available by the company.
Plans daily activities within the guidelines of company policy, job description and supervisor’s instruction in such a way as to maximize personal output.
Responsible for keeping own immediate work area in a neat and orderly condition to ensure safety of self and co-workers. Will report any unsafe conditions and/or practices to the appropriate supervisor and human resources. Will immediately correct any unsafe conditions to the best of own ability.
Bachelor of Science or Master of Science degree in Computer Information Systems, Finance or a related discipline. Must have a minimum of seven (7) years of technical experience and five (5) years related to IT Financial Audit or FISCAM compliance.
CERTIFICATES, LICENSES, REGISTRATION
Minimum Security+ CE or equivalent, CISSP, CISM or CISA preferred
Must be a U.S. Citizen with the ability to pass CBP background investigation; criteria will include:
- 3-year check for felony convictions
- 1-year check for illegal drug use
- 1-year check for misconduct such as theft or fraud
JOB SPECIFIC KNOWLEDGE / SKILLS / ABILITIES
CISA and CISM experience
Working knowledge of and ability to assist others in the use of information security provisioning and monitoring tools to support process improvement
Ability to apply advanced principles, theories and concepts, and contribute to the development of innovative IA principles and ideas
Experience working on unusually complicated problems and providing solutions that are highly creative and ingenious, exhibiting ingenuity, creativity and resourcefulness
Determining how Governance Risk and Compliance Tools (GRC, Greenlight, etc.) can enhance compliance
Implementing FISCAM, RMF and NIST security solutions
Developing compliance solutions for OMB Circular No. A-123 (management's responsibility for internal control in Federal agencies)
Acting independently to expose and resolve problems
Excellent written and verbal communication skills
Strong collaboration skills and desire to work within a team
Highly responsible, team-oriented individual with very strong communication skills and work ethic; self-starter
Ability to read, analyze and interpret general business periodicals, professional journals, technical procedures, or governmental regulations. Ability to write reports, business correspondence and procedure manuals. Ability to effectively present information and respond to questions from groups of managers, clients, customers and the general public.
Ability to work with mathematical concepts such as probability and statistical inference. Ability to apply concepts such as fractions, percentages, ratios, and proportions to practical situations.
Ability to define problems, collect data, establish facts and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.
The physical demands described here are representative of those that must be met by an employee to perform successfully the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this job. Work is primarily performed in an office environment. Regularly required to sit. Regularly required to use hands to finger, handle, or feel, reach with hands and arms to handle objects and operate tools, computer, and/or controls. Required to speak and hear. Occasionally required to stand, walk and stoop, kneel, crouch, or crawl. Must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, depth perception, and ability to adjust focus. Exposed to general office noise with computers, printers and light traffic.
All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, age, marital status, pregnancy, genetic information, or other legally protected status.
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!