IT Security Audit SME

Be Challenged and Make a Difference

In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At AnaVation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture.

Description of Task to be Performed:

AnaVation is seeking a prevailing authority in Federal IT Security Audits. The ideal candidate must have an active Top Secret clearance and extensive experience leading and coordinating enterprise-level cybersecurity audits on behalf of large Federal agencies. We are open to full-time or part-time consultative support for the right candidate.

What you will be doing

• Serve as the top resident expert regarding all of the following: FISMA, NIST, FedRAMP, FISCAM, CyberScope, OMB, CNSS, ICD, and cybersecurity-related EOs, BODs, and related memoranda.
• Interface with client’s senior-most leadership, including briefings up to and including Cabinet-level appointees under the current administration.
• Advise the client to assure attainment of minimum “Managed and Measurable (4)” but preferably “Optimized (5)” maturity levels across all audited categories for all selected systems during the Department’s annual FISMA audit. Lead the audit on behalf of the Department. Brief results to executive-level personnel and recommend ways to increase maturity levels in future audits.
• Advise the client and team regarding collection of quarterly and annual FISMA CIO metrics. Prepare, deliver, and brief results. Make recommendations for improvement.
• Must have the ability to work in a dynamic environment and adapt to changing conditions.
• Must possess a high degree of originality, creativity, and initiative requiring no direct supervision.

Minimum Qualifications (Education/Certifications, Experience, etc):

Active CISSP or CISA certification

15+ years leading FISMA OIG, IRS, GAO, and FISCAM audits at the enterprise level

Clearance:

Active Top Secret clearance

Other Required Skills & Qualifications:

Direct experience advising Federal working groups to offer expert advice regarding cybersecurity policy requirements, guidance, and metrics.

Location:

This position is advisory in nature and can be performed remotely from anywhere within the US. Occasional travel to Washington DC may be required.