Cybersecurity Auditor
Perform cybersecurity auditing by reviewing audit logs of networks, information systems and cloud environments to identify information systems not compliant with DoD, ICD, NIST, CNSS and other cybersecurity policies. Advise and assist the customer with the Risk Management Framework (RMF). The duties of this task include assessing network compliance against controls listed in NIST 800-53. The Contractor shall execute a comprehensive cybersecurity compliance assessment and validation of customer networks, cloud environments, information systems, hardware, software, and devices to ensure compliance with cybersecurity regulations and standards. The end goal is to ensure the integrity of customer systems by identifying and mitigating potential shortcomings and vulnerabilities.
Additionally, the Cybersecurity Auditor should be able to perform security evaluations and vulnerability assessments using the DoD Assured Compliance Assessment Solution (ACAS), the Nessus vulnerability scanning tool and the Security Content Automation Protocol tool. The Cybersecurity Auditor will liaise with network and system administrators to correct identified deficiencies. The Cybersecurity Auditor will also scan (or review scans) for new systems and applications being introduced into the SOF environment, identify vulnerabilities, and draft assessment reports for the government. The contractor will liaise with the Site Integration Facility (SIF) to ensure systems and applications meet the standards in the DISA Security Technical Implementation Guides (STIG) and security controls defined by NIST 800-53.
Typical Duties Include:
• Utilize Security Information and Event Management tools, Active Directory Users and Computers snap-in, PowerShell, SPLUNK, and Microsoft Remote Server Administration tool to analyze cybersecurity compliance
• Provide quarterly cybersecurity hygiene report to Security Control Assessor, Authorizing Officials and other stakeholders
• Monitor system recovery processes to ensure audit log collection and procedures are properly restored and functioning correctly
• Runs weekly/monthly reports capturing current security posture and non-compliance with organizational policies for SIE assets
• Plans, participates in, and leads information systems assessments and audits; communicates findings to Security Control Assessor, Authorizing Official, information system owners, and other stakeholders
• Audits networks, cloud environments and information systems for Information Assurance Vulnerability Alert (IAVA)/Information Assurance Vulnerability Management (IAVM), Collaborative Virtual Environment (CVE), Common Vulnerability Scoring Systems (CVSS), and comply-to-connect compliance
• Ensures new assets added to the domain are collecting logs and forwarding them to the central log server
• Reviews vulnerability scans and STIG results of hardware and software; provides fielding recommendations
• Reviews network defense tool exceptions to policies (such as Host Based Security System, Endpoint Security System, Assured Compliance Assessment Solution, SolidCore, Cloud Based Internet Isolation, etc.); provides recommendations or mitigations
Knowledge, Skills and Abilities:
• Experience with the US Combatant Commands (USCENTCOM/USSOCOM) is desired.
• Working knowledge of the RMF.
• Knowledge of the Telos Xacta or eMASS system is desired.
• Must have excellent communication skills (written and oral) and interpersonal skills.
• Knowledge and experience with DoD cybersecurity processes and policies (e.g., DODI 8510.01, NIST, CNSS and other cybersecurity policies).
• Active TS/SCI clearance required.