Centurion Consulting Group
Centurion is hiring a Cybersecurity Auditor to support our clients governance, risk, information assurance and compliance (GRIA&C) arm of the cybersecurity team. This is a remote position.
Purpose and Scope:
This role supports our clients data protection requirements through the comprehensive auditing of our clients information technology environment and collaborating with teams through the mitigation process. Qualified candidates will need a versatile skill set that emphasizes regulatory comprehension, effective collaboration, critical thinking, analytical prowess, and risk management.
Essential Responsibilities:
- Provide internal assessments and audits of security controls implemented on our clients information technology assets.
- Independently test the effectiveness of controls being assessed.
- Properly document necessary cybersecurity documentation such as the System Security Plan (SSP), Privacy Impact Assessment (PIA), Configuration Management Plan (CMP), Plan of Action and Milestones (POA&M), and Standard Operating Procedures (SOP) as necessary.
- Perform cyber assessments and audits as directed.
- Make recommendations and provide guidance/consultation regarding process improvements necessary for remediating internal control gaps.
- Facilitate discussions with various teams, both internal and external, around data compliance efforts.
- Work with system administrators, engineers, and Information System Security Manager (ISSM) to create or update system/site policies, procedures, and process guides.
- Brief executive leadership on compliance matters.
- Create network and data flow topology diagrams and process flow charts as required.
- Write stakeholder reports using accessible language to explain the assessment and audit results and recommendations.
- Create and provide metrics to cybersecurity leadership.
- Travel up to 25%
- Perform all other position related duties as assigned or requested.
Minimum Position Knowledge, Skills, and Abilities Required:
- Must be a U.S. Citizen
- Minimum of 3 years of experience in performing cyber assessments.
- Bachelor’s degree in computer science, similar degree path, or 4 years of hands-on experience.
- CompTIA Security + certified
- Knowledge of NIST publications and their relevancy to compliance.
- Strong written and verbal communications.
- Experience with compliance efforts in hybrid environments that encompass both cloud and on-premises services.
Preferred Skills and Qualifications:
- Experience assessing or auditing government or DoD IT environments.
- Certified Internal Auditor (CIA) or Certified Information Systems Auditor (CISA) certifications.
- Experience with common cybersecurity tools and platforms including, but not limited to:
- Nessus
- Microsoft GCCH / O365
- Microsoft Azure
- Microsoft Defender
- Email protection platforms
- Palo Alto products
Work Environment, Physical Demands, and Mental Demands:
Typical office environment with no unusual hazards, occasional lifting to 50 pounds, constant sitting while using the computer terminal, constant use of sight abilities while reviewing documents, constant use of speech/hearing abilities for communication, constant mental alertness, must possess planning/organizing skills, and must be able to work under deadlines.
Position Details:
US Citizenship or Authorization to work in US required
Travel: < 10% (CONUS)
Centurion Consulting Group, LLC is an Equal Opportunity Employer EOE M/F/D/V
No third parties or subcontractors
REF: JOB-4620