SecureIT is looking for an experienced, technical IT Auditor to join its team. The winning candidate will be responsible for managing IT audit engagements at SecureIT clients, and will gain valuable experience working with diverse and technically challenging IT environments. This individual will be tasked with scoping, planning, and executing IT audits, configuration reviews, and security assessment engagements for large public companies, and emerging private entities as well. Other assigned tasks will include refining technical assessment methodologies, developing targeted work programs, and developing technical IT Audit and Security training materials. You will serve as a Subject Matter Expert (SME) and mentor to others regarding security threats, configurations, vulnerabilities, and assessment tools/techniques at all system layers (host, database, network, web, and application layers), but will also have an opportunity to collaborate with and learn from others at a technically-respected IT Audit and information security organization.

Responsibilities

• Perform detailed security assessments and configuration reviews of host operating systems (Solaris, Linux, Windows, z/OS, etc.), databases (Oracle, UDB, Sybase, SQL server), web infrastructure components (Apache, IIS, Tomcat, WebLogic, Tivoli Access Manager, etc.), and network devices (Cisco firewalls, Check Point, VPNs, routers, switches, and wireless devices)
• Perform system and network vulnerability assessments using scanners and architecture reviews Assess event management and incident detection/response capabilities, including IDS/IPS and security log management
• Identify meaningful findings and present/defend findings and recommendations to client technical and management personnel. Create working papers to document test procedures and results, and draft reports to communicate risk and security issues in business context (i.e. translate technical risks to business risks)
• Assist as needed with planning/overseeing/executing audits of IT general controls and application controls, SOX assessments, SSAE 16 reviews, FISCAM reviews, and other IT risk and governance projects
• Help refine SecureIT’s technical assessment tools and techniques and assist with training, mentoring, and supervising other team members
• Provide expertise in consulting or remediation projects to assist clients in resolving identified control weaknesses and exposures

Position Requirements

• Bachelor’s degree in computer science, information systems, or a related discipline is desired.
• CISA, CISM, or CISSP certifications
• 4-6 years of progressive experience in IT audit or information security with a focus in technical configuration and vulnerability assessments
• Security tool specific certifications a plus
• U.S Citizenship
• Clearable for public trust
• Prior demonstrated ability to assess systems, applications, and databases for security vulnerabilities. Proficiency in Unix (either Solaris, Linux, or some other flavor), Oracle, and at least one firewall product is required.
• ERP application experience (e.g., PeopleSoft) is preferred.
• Effective communication and documentation skills are required
• Flexibility to work independently on one person projects, with other SecureIT personnel on larger projects, and with client resources on co-sourcing projects

Location
Positions are available in Northern Virginia

To Apply
Please email resume with cover letter to resumes@secureit.com

<< Back to Current Opportunities