IT Security Auditor

Company:

SAIC Location:

Springfield, VA Career Level:

Mid-Senior Level Industries:

Technology, Software, IT, Electronics Description Description Diplomatic Technology (DT). DT provides enterprise architecture design, engineering, operations and maintenance support services for desktops, servers, networks, firewalls, and enterprise applications across the Department. The IT Security Auditor will evaluate the organization's next generation information technology infrastructure, policies, and operations to ensure they are secure, efficient, and compliant with regulatory standards. This role will methodically review controls, documentation, and processes against established frameworks. This position requires extensive foreign and domestic travel to DOS posts located worldwide (75%).

Description of Duties:

System Evaluations:

Conducting comprehensive reviews of IT infrastructure, including networks, software, and hardware, to identify vulnerabilities.

Compliance Auditing:

Ensuring the organization adheres to legal and industry-specific regulations such as GDPR, HIPAA, SOX, and PCI DSS.

Control Testing:

Verifying the effectiveness of internal security measures like firewalls, routers/switches, encryption, and user access controls.

Reporting & Recommendations:

Preparing detailed written reports for senior management that explain technical risks in plain language and propose actionable solutions.

Risk Assessment:

Analyzing data to prioritize security risks based on their potential impact and likelihood.

Post-Breach Investigation:

Participating in or leading follow-up investigations after security incidents to determine how they occurred.

Qualifications Required Education/Experience:

Bachelors and ten (10) years or more of related experience; Masters and eight (8) years or more experience ; may accept additional experience in lieu of degree. Knowledge of Post Quantum Encryption.

Technical Knowledge:

Deep understanding of operating systems (Linux, Windows), networking (VPNs, firewalls), and cloud security.

Analytical Thinking:

Ability to sift through complex data and logs to find anomalies or configuration errors.

Communication:

Translating complex technical findings into business risks for non-technical executives. Attention to

Detail:

Meticulous approach to verifying every detail of a security policy or system setting.

Required Clearance:

US Citizenship.

TOP SECRET

(Active) with the ability to obtain

TOP SECRET SCI.

Desired Experience/Skills/Attributes:

Previous COMSEC audit experience. Familiarity with DoS environment (data and voice networks, IT security systems, policies and procedures), Foreign Affairs Handbooks (FAHs), Foreign Affairs Manuals (FAMs) preferred. Interpersonal skills including the ability to collaborate effectively, self-awareness, and excellent written and oral communications.