Senior IT Internal Auditor, Cybersecurity & Compliance

RTN 2 (Raytheon IDMS)
Andover, MA 01810
Senior IT Governance, Risk, and Compliance Auditor II
DT Security Internal Auditor

Sr. Information, Governance and Risk Specialist II
Raytheon Missile & Defense Digital Technology (RMD DT)
RMD DT Cybersecurity & Compliance
Andover, MA

The RMD Digital Technology (DT) organization embraces the opportunity to deliver business value by connecting business insight with technical expertise and innovation. We're continuously pushing the envelope to create leading-edge secure technological solutions for complex systems and program challenges. In joining our team, you will have the opportunity to be an integral part of a team responsible for managing business risk through the implementation of cost-effective IT controls.

As a Senior Internal Auditor, you will be a member of the audit team within the RMD Digital Technology Governance, Risk and Compliance organization, which acts as an independent appraisal entity that evaluates the effectiveness and adequacy of the company's security and operational controls to ensure compliance with regulatory requirements. You will perform ongoing evaluations to assess unclassified information systems for compliance with applicable DT security policies, including but not limited to NIST Special Publication 800-171 and 800-53. Your role will also include conducting assessments of information systems (IS) and associated security plans with an expiring Authority To Operate (ATO), and assisting with the development and tracking of pertinent remediation plans.

This role will be based in Andover, MA but can be virtual if necessary. Capped relocation will be available to the selected applicant if they are eligible per company policy.

Responsibilities Include:

  • Working in a team that conducts a variety of complex IT internal audits and identifies remedial actions aimed at achieving 100% compliance with all internal and external policies and regulations.
  • Assessing internal DT and program compliance with all imposed DFARS and CMMC requirements to effectively prepare for future external DoD (DCSA, DCMA) and/or internal company audits, and improve overall program and environmental security posture.
  • Performing assessments of IS environments against related SSPs (System Security Plans).
  • Delivering relevant or required training and preparation to program teams and leads, in advance of customer or 3rd party audits.
  • Coordinating and conducting interviews with pertinent management, lab personnel and other stakeholders throughout the audit process.
  • Assisting in the development of audit findings, identifying root causes, and identifying remedial action that corresponds to compliance goals and objectives.
  • Issuing detailed reports that document audit findings and concisely and accurately convey results and ensuing remedial action.

Required Skills:

  • 6 years total professional experience required with 4+ years overall directly related Digital/Information Technology, Audit and Compliance, and IT Security experience.
  • Working knowledge of and familiarity with NIST SP 800-171, NIST SP 800-171A and NIST SP 800-53 control implementation and assessment.
  • Experience planning and deploying audit engagements, performing compliance testing and/or data analytics, preferably in a medium to large organization.
  • Possession of (or ability to attain) Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) certification(s).
  • Ability to plan, administer, and summarize audit engagements, including the establishment of audit plans, timelines, progress reports, and remedial action documentation and tracking.
  • Proven analytical ability to assess information system compliance against internal standards and policies, as well as all pertinent external regulatory requirements.
  • Proven experience with enterprise risk concepts including strategic, operational and technical risk management, and ability to help propose, draft and monitor risk mitigation solutions.
Desired Skills:

  • Experience in Aerospace & Defense industry and/or government contracting.
  • Working knowledge of NIST SP 800-171, NIST SP 800-171A and NIST SP 800-53.
  • Familiarity with Cybersecurity Maturity Model Certification (CMMC).
  • Experience working with DCMA and DCSA customers that administer audits.
  • Possession of or ability to obtain a US DOD Secret Security Clearance
  • Excellent communication and interpersonal skills
  • Ability to effectively and clearly compose professional audit reports and convey issues and findings in an organized fashion
  • Ability to independently draft and present detailed audit white papers
  • Ability to become a subject matter expert in RMD Policy RP-IT-SEC-003 (IT Security: Information Risk Management) and RP-IT-SEC-005 (IT Security: Network and Systems).
  • Minimum 4 years of experience in IT Audit / Compliance, IT Security, IT Operations, or other related field
  • Familiarity with audit concepts and strategies in a highly complex, regulated environment.
  • Ability to work multiple complex initiatives simultaneously
  • Familiarity with US Defense Security Service (DSS) audit procedures
  • Effective interpersonal and presentation skills to navigate challenges and clearly convey thoughts, ideas and suggestions to management and stakeholders.
  • Ability to apply critical thinking and navigate relationships to effectively facilitate teams toward a common goal and enable transparency, understanding and cohesion throughout the audit process.
  • Work on multiple project assignments and teams simultaneously in a fast-paced, deadline-driven environment.
Education:

  • BS/BA - Information Technology, MIS, Engineering, Science, Mathematics or Business (Directly applicable experience may be considered in lieu of degree)

168996
