Senior IT Auditor
Company: BAE Systems
Posted on: March 25, 2020
BAE Systems, Inc. one of the world's leading defense contractors
and a Fortune 500 Company, has created a position for a Senior IT
Cybersecurity Auditor to join the Office of the CISO's
Cybersecurity Audit and Compliance team in Reston, VA. This
position requires a person with hands-on Information Systems
Security Engineering/Cybersecurity Engineering experience with
information system security assessments, Risk Management Framework
(RMF) or NIST Cybersecurity Framework implementation. They will
primarily interface with the technical IT functional teams to
perform cybersecurity audits, provide SME guidance in remediating
discrepancies, and validate plans of actions and milestones to
ensure compliance with internal standards and DFARS
In this role, they will be instrumental in the building,
implementation, and maturation of a comprehensive and repeatable
Cybersecurity IT audit and compliance program. The Senior IT
Auditor will take a proactive approach partnering and engaging with
the IT functional teams to validate current and new cybersecurity
compliance requirements to ensure DFARS compliance.
ESSENTIAL FUNCTIONS: (This list may not include all essential
Responsible for conducting cybersecurity design and effectiveness
BAE Systems IT Operational and Applications functional groups to
ensure compliance with internal standards as informed by NIST
800-53 and 800-171 standards.
Validates that processes and procedures, documentation, and other
supporting artifacts required for compliance are provided, are
maintained by the functional team, and support compliance.
Manages audit plan to ensure on time performance of assessments by
IT functional groups; maintains and reports weekly status.
Remains current on cybersecurity auditing practices, emerging
threats, industry regulatory changes, and internal company policy
and process changes.
Proactively interfaces with BAE Systems IT functional groups to
enhance their understanding of the Cybersecurity controls to drive
improved security compliance and management of risk, and to
strengthen effectiveness of cybersecurity controls.
Prepares and reports on audit recommendations and ensures they are
accurately tracked in audit repository.
Interfaces with IT functional groups to ensure their plan to
remediate discrepancies is aligned with internal company IT
standards; develops remediation validation plan and works with IT
functional groups to validate compliance per the remediation
Performs other related duties and responsibilities as required.
Typical Education & Experience
Required Skills and Education
8+ years of experience and increasing responsibilities in IT audit
and compliance roles.
Specific knowledge of NIST SP 800-171 and NIST SP 800-53 or similar
Working knowledge of Risk Management Framework (RMF) or NIST
Cybersecurity Framework implementation.
General knowledge of IT Applications operations and technologies,
and IT Operational services such as Network Infrastructure
technologies (WAN/LAN), Cybersecurity, Active Directory, Backup &
Recovery, Data Centers, Messaging, Mobile Technologies, Remote
Access, Storage, Operating Systems, Virtualization Services, and IT
General knowledge of the interrelationships between IT Applications
Experience articulating cybersecurity requirements and controls
across technical boundaries in a clear, concise, and organized
Specific knowledge of foundational IT processes that support an IT
environment such as Change Management, Configuration Management,
Proven ability to synthesize information from multiple sources to
draw logical conclusions and support audit analysis and remediation
Functions well both as an individual contributor and in team
environments where collaboration and adaptability are
Extensive experience building productive, collaborative, and
sustainable internal working relationships.
Demonstrated ability to handle multiple concurrent projects, meet
established deadlines and quickly adapt to changing priorities, all
while working under limited supervision.
Excellent verbal and written communication skills, ability to
effectively communicate with technical and non-technical
Preferred Skills and Education
Master's degree from an accredited college or university,
preferably with an emphasis in information systems, computer
science, accounting, business or other related fields, and a
minimum of ten (10) years of experience that is directly related to
the duties and responsibilities specified.
Cybersecurity Certification such as:
o Cybersecurity Analyst (CySA+)
o Certified Authorization Professional (CAP)
o Security + CE
o GIAC Security Essentials Certification (GSEC)
o GIAC Systems and Network Auditor (GSNA)
More About BAE Systems, Inc.
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an
international defense, aerospace and security company that delivers
a full range of products and services for air, land and naval
forces, as well as advanced electronics, security, information
technology solutions and customer support services.
Headquartered in Arlington, Virginia, BAE Systems, Inc. employs
approximately 32,000 in the
United States, United Kingdom, Sweden, and Israel, and generated
2016 sales of $10 billion. BAE Systems, Inc. provides support and
service solutions for current and future defense, intelligence, and
civilian systems; designs, develops and manufactures a wide range
of electronic systems and subsystems for both military and
commercial applications; produces specialized security and
protection products; and designs, develops, produces, and provides
service support of armored combat vehicles, artillery systems, and
BAE Systems is committed to hiring and retaining a diverse
workforce. We are proud to be an
Equal Opportunity Employer, making decisions without regard to
race, color, religion, sex, sexual orientation, gender identity,
gender expression, marital status, national origin, age, veteran
status, disability, or any other protected class.
About BAE Systems, Inc.
BAE Systems is a premier global defense and security company with
approximately 90,000 employees delivering a full range of products
and services for air, land and naval forces, as well as advanced
electronics, security, information technology solutions and
customer support and services. People are the greatest asset in any
Company. BAE Systems is committed to hiring and retaining a diverse
workforce. Equal Opportunity
Orientation/Gender Identity/Gender Expression
Keywords: BAE Systems, Nashua , Senior IT Auditor, Accounting, Auditing , Nashua, New Hampshire
Didn't find what you're looking for? Search again!