IT Security Auditor

Job

Location: Springfield, VA, US

Date Posted:

Category: Audit

Subcategory: IT Auditor

Schedule: Full-Time

Shift: Day Job

Travel: Yes - 75% of the time

Minimum Clearance Required:

Clearance Level Must Be Able to Obtain: TS/SCI

Potential for Remote Work: _SITE

Description

Diplomatic Technology (DT). DT provides enterprise architecture design, engineering, operations and maintenance support services for desktops, servers, networks, firewalls, and enterprise applications across the Department.

The IT Security Auditor will evaluate the organization's next generation information technology infrastructure, policies, and operations to ensure they are secure, efficient, and compliant with regulatory standards. This role will methodically review controls, documentation, and processes against established frameworks. This position requires extensive foreign and domestic travel to DOS posts located worldwide (75%).

Description of Duties:

• System Evaluations:
  Conducting comprehensive reviews of IT infrastructure, including networks, software, and hardware, to identify vulnerabilities.
• Compliance Auditing:
  Ensuring the organization adheres to legal and industry-specific regulations such as GDPR, HIPAA, SOX, and PCI DSS.
• Control Testing:
  Verifying the effectiveness of internal security measures like firewalls, routers/switches, encryption, and user access controls.
• Reporting & Recommendations:
  Preparing detailed written reports for senior management that explain technical risks in plain language and propose actionable solutions.
• Risk Assessment:
  Analyzing data to prioritize security risks based on their potential impact and likelihood.
• Post-Breach Investigation:
  Participating in or leading follow-up investigations after security incidents to determine how they occurred.

Qualifications

Required Education/Experience:

• Bachelors and ten (10) years or more of related experience;
  Masters and eight (8) years or more experience ; may accept additional experience in lieu of degree.
• Knowledge of Post Quantum Encryption.
• Technical Knowledge:
  Deep understanding of operating systems (Linux, Windows), networking (VPNs, firewalls), and cloud security.
• Analytical Thinking:
  Ability to sift through complex data and logs to find anomalies or configuration errors.
• Communication:
  Translating complex technical findings into business risks for non-technical executives.
• Attention to Detail:
  Meticulous approach to verifying every detail of a security policy or system setting.

Required Clearance:

• ship.
• TOP SECRET (Active) with the ability to obtain TOP SECRET SCI.

Desired Experience/Skills/Attributes:

• Previous COMSEC audit experience.
• Familiarity with DoS environment (data and voice networks, IT security systems, policies and procedures), Foreign Affairs Handbooks (FAHs), Foreign Affairs Manuals (FAMs) preferred.
• Interpersonal skills including the ability to collaborate effectively, self-awareness, and excellent written and oral communications.

SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC is Redefining Ingenuity through its deep customer and domain knowledge to enable the delivery of systems engineering and integration offerings for large, complex projects. SAIC's approximately 15,000 employees are driven by integrity and mission focus to serve customers in the U.S. federal government.

Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $4.5 billion. For more information, visit  For information on the benefits SAIC offers, see .