IT & Security Manager - Cyber & Cloud Security
Company: Guidehouse
Location: Chantilly
Posted on: February 4, 2025
Job Description:
IT Risk & Controls Consulting
Travel Required :
- Leading a team of IT security auditors performing IT risk and controls assessments
- Performing rigorous assessments of IT controls using industry-standard guidance and leading practices
- Performing walkthrough interviews and maintaining communication with a variety of client stakeholders, including system personnel such as system and database administrators
- Requesting, obtaining, reviewing, and analyzing a variety of artifacts to assist in executing IT controls testing such as security plans, SOPs, system screenshots, and system configuration settings
- Evaluating the design and operating effectiveness of IT controls using provided artifacts, industry-standard guidance, leading practices, and professional judgement
- Documenting the results of IT controls test work in a consistent and high-quality manner that would allow a reviewer to repeat the test and reach the same conclusion
- Summarizing and communicating IT controls assessment results to a variety of client stakeholders, including senior leadership personnel
- Planning and executing day-to-day activities of IT controls assessments individually and for the team
- Working with client personnel to understand and analyze known IT control weaknesses, identify root causes, and develop detailed, robust remediation plans
- Providing subject matter expertise to client personnel on all matters relating to IT controls and responding to ad-hoc IT controls requests from client personnel
- An ACTIVE and MAINTAINED TOP SECRET/SCI federal security clearance with a Counterintelligence (CI) polygraph
- Bachelor's degree in information technology or business
- SIX (6) or more years' experience providing IT consulting services focused on IT Risk and Controls
- A current Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), -OR- a Certified Information Systems Security Professional (CISSP)
- Experience in consulting with the federal government to include senior government clients
Understanding and knowledge of federal information security and
assurance laws, requirements, and guidance (i.e. Individual should
demonstrate knowledge and experience in IT risk and controls
through IT audits, IT control assessments, and IT security reviews.
It is desired that individual maintains a relevant certification
such as the Certified Information Systems Auditor (CISA) or is
eligible to attain certification.
Experience remediating and implementing IT controls is
beneficial.
SIX (6) or more years' experience testing or remediating the
following IT controls topic areas is preferable:
- Access and account management, including authorization, provisioning, recertification, and separation
- Segregation of duties, including identifying and defining segregation of duties risks and conflicts, preventive and detective segregation of duties controls, and understanding the difference between segregation of duties and least privilege
- Technical account management controls, such as password length, complexity, and expiration
- Audit logging and monitoring, including generation of audit logs, use of audit log aggregation and analysis tools, and audit log monitoring and review
- Configuration management, including configuration baseline concepts, baseline deviations, baseline maintenance, monitoring for ongoing compliance with a baseline, and industry-accepted baselines such as DISA STIGs and CIS benchmarks
- Change management, including authorization, development, testing, and deployment of changes
- Contingency planning, including backups, testing of backups, and alternate sites
Guidehouse offers a comprehensive, total rewards package that
includes competitive compensation and a flexible benefits package
that reflects our commitment to creating a diverse and supportive
workplace.
- Medical, Rx, Dental & Vision Insurance
- Personal and Family Sick Time & Company Paid Holidays
- 401(k) Retirement Plan
- Health Savings Account, Dental/Vision & Dependent Care Flexible
Spending Accounts
- Short-Term & Long-Term Disability
- Tuition Reimbursement, Personal Development & Learning
Opportunities
- Corporate Sponsored Events & Community Outreach
All qualified applicants will receive consideration for
employment without regard to race, color, national origin,
ancestry, citizenship status, military status, protected veteran
status, religion, creed, physical or mental disability, medical
condition, marital status, sex, sexual orientation, gender, gender
identity or expression, age, genetic information, or any other
basis protected by law, ordinance, or regulation.
If you have visited our website for information about employment
opportunities, or to apply for a position, and you require an
accommodation, please contact Guidehouse Recruiting at
1-571-633-1711 or via email at
RecruitingAccommodation@guidehouse.All information you provide will
be kept confidential and will be used only to the extent required
to provide needed reasonable accommodation.