Information Security Auditor
The Information Security Auditor will be responsible for the day-to-day security assessment and maintenance of internal security controls and risks of the company’s information technology systems. They will be responsible for ensuring ECI meets and exceeds all CMMC and NIST SP 800-171 assessment objectives. They will also be responsible to ensure the security controls are followed per the defined policies and procedures. In addition, they will support the ongoing development and maturing of security policies and procedures to meet ECI’s security needs. The successful candidate must be comfortable taking on responsibilities as required and must continually look for opportunities to improve the company’s technology infrastructure. The candidate must also demonstrate a passion excellent customer service, and be a self-starter who takes initiative and consistently displays a positive attitude, integrity and accountability.
Edaptive Computing Inc. Dayton, Ohio
Full time with competitive benefits package
- Associates Degree or higher in relevant technical discipline; Computer Science or Information Systems degree preferred.
- Related experience may be substituted depending on circumstances.
- Perform System Security Assessments.
- Identify and communicate auditing matters/issues to stakeholders.
- NIST SP800-171 and CMMC Level 3 control reviews.
- Review Security Technical Implementation Guides (STIGs), DOD Cloud Security Requirement Guides (SRG), Vulnerability Assessments, System Security Plans (SSP), and Plan of Action and Milestones (POA&M) artifacts.
- Work with partners and managers to determine proper treatment of various issues that arise during an audit.
- Develop audit reports and client deliverables.
- Review client deliverables and audit report documentation.
- Maintain a good working relationship with clients to enhance customer satisfaction.
- Participate in and mentor others in the day-to-day execution of one or more engagements.
- Adhere to the highest degree of professional standards and strict client confidentiality.
- Assist in the development of proposals and thought leadership documentation.
- Serve on project implementation teams as needed to document security control needs and System Security Plans.
- Information System Categorization processes (FIPS-199/FIPS-200).
Required Skills and Abilities
- Understanding of audit procedures and internal security controls.
- Excellent planning, analytical, organizational, and communication skills are essential.
- Flexible attitude and open to changes in the audit schedule.
- Absolute attention to detail.
- Ability to manage multiple projects and tight deadlines.
- Excellent teamwork and interpersonal skills.
- Leadership potential
- Strong mission and values commitment; natural cultural fit.
Enhancing Skills and Abilities
- A+, Network+, Security+, and/or CISSP certification
- ISO auditing experience
- ISACA certifications
- Certified Internal Auditor (CIA) designation
(Non-complying submissions will not be considered)
- Reference Information Security Auditor in all correspondence in all correspondence.
- Eligibility for a Security Clearance is required.
- Resumes must be 3 pages or less and provide description of how qualifying technologies were used. You may also submit a one page cover letter (optional but desired) stating your career objectives and how your qualifications and interest align with our requirements.
- Complete the applicant profile by clicking Apply Here at the bottom of the page. The process for submitting all information is not complete until you click the submit button.
To be considered for employment at Edaptive Computing Inc., you must apply on-line using our electronic application. If, due to a disability, you need assistance in completing the on-line application, contact Edaptive's Human Resources Department at (937) 433-0477. Please indicate the specific assistance needed. Note: This option is reserved for those with disabilities only.