Senior Cybersecurity Auditor

Job Description: • Performs Command Cyber Readiness Inspections and cybersecurity vulnerability evaluations • Uses a variety of security techniques, technologies, and tools to evaluate security posture in highly complex computer systems and networks • Performs vulnerability and risk analysis and participates in a variety of computer security penetration studies • Analyzes and defines security requirements for computer and networking systems, to include mainframes, workstations, and personal computers • Recommends solutions to meet security requirements • Gathers and organizes technical information about an organization's mission goals and needs and makes recommendations to improve existing security posture • Provides enterprise-wide technical analysis and direction for problem definition, analysis and remediation for complex systems and enclaves • Provides workable recommendations and advice to client executive management on system improvements, optimization, and maintenance in the following areas: Information Systems Architecture, Automation, Telecommunications, Networking, Communication Protocols, Application Software, Electronic Email, VOIP and VTC • Competent to work at the highest level of all phases of information systems auditing Requirements: • Proven proficiency performing CCRI/ vulnerability assessment/ penetration testing on networks, databases, computer applications and IT frameworks • Required to possess a DOD SECRET Clearance and be eligible for an IT-II Non-Critical Sensitive security clearance or Tier 3 (T3) upon assignment • Seven (7) years of IT experience • Five (5) years of cybersecurity experience • Strong analytical and problem-solving skills for resolving security issues • Strong skills implementing and configuring networks and networks components • Command Cyber Readiness Inspection certification or equivalent in at least one of the following areas: Nessus Scan Analysis Operating Systems (Windows, Unix) Boundary Defense) Network Policy, Router, Firewall) Internal Defense (L2 Switch, L3 Switch) DNS (Policy, BIND/Windows) HBSS (remote console, AV, ABM, PA HIPS, ePO) Traditional Security (Common, Basic, NCV, SCV) Wireless Communications (BES, Handhelds) • Tenable Certified NESSUS Auditory • Knowledge and understanding of DOD security regulations, DISA Security Technical Implementation Guides • Understanding of SCAP (Security Content Automation Protocol) • Knowledge of and proficiency with: VULNERATOR USCYBERCOM CTO Compliance Program Wireless vulnerability assessment Web Services (IIS, Apache, Proxy) Database (SQL Server, Oracle) Email Services (Exchange) Vulnerability Scans (NESSUS, SCCM) • Knowledge of Phishing exercises Cloud Security Operational Technology Artificial Intelligence USB Detection Physical Security • Required to be a DISA Risk Management Executive, Cyber Standards Branch Certified Command Cyber Readiness Inspection (CCRI) Team Lead and have a certification in penetration testing, such as: Licensed Penetration Tester (LPT) Certified Expert Penetration Tester (CEPT) Certified Ethical Hacker (CEH) Global Information Assurance Certification Penetration Tester (GPEN) • Familiarity with AUTOCHECKLIST Tool Benefits: • health, dental, vision, life and disability insurance • great 401(k) package • generous Paid Time Off Apply tot his job