Own your opportunity to support our nation's defense. Make an impact by connecting and securing critical operations across the globe, keeping our country safe and secure.
Job DescriptionOwn your opportunity as an IT & Cyber Risk Auditor Principal at GDIT. You’ll lead enterprise-level IT and cybersecurity risk and compliance assessments that help secure the systems and data vital to our national security missions. At GDIT, the mission is our purpose, and our people are at the center of everything we do.
As a trusted audit leader, you’ll evaluate cyber and IT controls, identify risk exposure, and influence remediation strategies while partnering with cross-functional teams to strengthen enterprise risk posture. Your work will have meaningful impact across federal government and defense programs.
Responsibilities:
Lead and execute rigorous IT and cybersecurity risk audits and assessmentsEvaluate IT general controls, cybersecurity controls, and risk management processes.Assess compliance with federal frameworks and guidance (e.g., NIST, RMF, FISMA, FedRAMP, ISO 27001)Identify and document control gaps, risk exposures, and areas for process improvement.Provide risk-based recommendations and actionable insights to senior leadership and stakeholders.Support preparation of audit reports and executive briefingsManage and execute system Certification and Accreditation processes, ensuring compliance with security controls and requirements outlined in agency policies.Collaborate with cybersecurity, IT, compliance, and program teams to drive remediation and sustainable improvements.Participate in internal and external audit activities, including customer assessments.Experience using XACTA data base applications and the ICD 503, NIST 800-83 rev4 policyReview monthly vulnerability scan reports and track and address weaknesses in plans as needed.Perform security system event analysis, investigation, and validationProvide incident response to classification spills, malware infection, misconfiguration exposure, internal inappropriate behavior and technical issuePerform Security Technical Implementation Guide (STIG) and Federal Information Security Management Act (FISMA) assessments and annual reportingRequired Qualifications:
8+ years of progressive experience to an intermediate level in IT audits, cybersecurity risk management, or information assurance.TS/SCI w/CI poly.Security+CE.Expertise with cybersecurity and IT control frameworks and compliance requirements.Experience conducting complex IT and cybersecurity audits in government or federal contracting environments.Experience with cloud security risk assessments and modern technologiesClear and effective communication skills with the ability to influence technical and executive audiences.Ability to multi-task, prioritize, and re-prioritize work in a fast-paced environment.Ability to learn an application environment in order to update or create supported security documentation.Preferred Qualifications:
Bachelor’s degree or equivalent military training in Information Systems, Cybersecurity, Computer Science, Accounting, or related field.Applicable certifications include: CASP+, CGRC/CAP, GSEC, GSNA, SSCP, CISSP, CISM.Currently hold certification in good standing to satisfy IAM Level II (Information Assurance Management Level 2) per DoW 8570/8140.Successfully completed Tier 5 Investigation (T5), formerly known as a Single Scope Background Investigation (SSBI) by the federal government within the last 5 years, or requires candidate to have been enrolled in a Continuous Vetting program within the last 5 years.GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.
OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.