
Principal or Senior IT Internal Auditor; Cybersecurity & Compliance

Andover, MA
Posted 03/03/2021

This is a multi-level position based on the candidate's qualifications as they relate to the skills, experience, and requirements for this position. US Citizenship status is required, as this position needs an active US Security Clearance as of day one of employment.

The RMD Digital Technology (DT) organization embraces the opportunity to deliver business value by connecting business insight with technical expertise and innovation. We're continuously pushing the envelope to create leading-edge secure technological solutions for complex systems and program challenges. In joining our team, you will have the opportunity to be an integral part of a team responsible for managing business risk through the implementation of cost-effective IT controls.

As a Principal or Senior Internal Auditor you will be a member of the audit team within the RMD Digital Technology Governance, Risk and Compliance organization, which acts as an independent appraisal entity that evaluates the effectiveness and adequacy of the company's security and operational controls to ensure compliance with regulatory requirements. You will perform ongoing evaluations to assess unclassified information systems for compliance with applicable DT security policies, including but not limited to NIST Special Publication 800-171 and 800-53. Your role will also include conducting assessments of information systems (IS) and associated security plans with an expiring Authority To Operate (ATO), and assisting with the development and tracking of pertinent remediation plans. This candidate must be able to attain Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) certification(s) within 6 months of start date.

This role will be based in Andover, MA but can work PT virtual. Capped relocation will be available to the selected applicant if they are eligible per company policy.

Responsibilities Include:

- Working in a team that conducts a variety of complex IT internal audits and identifies remedial actions aimed at achieving 100% compliance with all internal and external policies and regulations.
- Assessing internal DT and program compliance with all imposed DFARS and CMMC requirements to effectively prepare for future external DoD (DCSA, DCMA) and/or internal company audits, and improve overall program and environmental security posture.
- Performing assessments of IS environments against related SSPs (System Security Plans).
- Delivering relevant or required training and preparation to program teams and leads, in advance of customer or 3rd party audits.
- Coordinating and conducting interviews with pertinent management, lab personnel and other stakeholders throughout the audit process.
- Assisting in the development of audit findings, identifying root causes, and identifying remedial action that corresponds to compliance goals and objectives.
- Issuing detailed reports that document audit findings and concisely and accurately convey results and ensuing remedial action.
- Must be able to attain Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) certification(s) within 6 months of start date.

Minimum Required Skills:

- Bachelor degree in IT/STEM and 6 years of professional experience is required, or a related Master degree in IT/STEM and 4 years of experience is required; in lieu of a degree, 8 additional years of experience is required.
- Experience with NIST SP 800-171, NIST SP 800-171A and NIST SP 800-53 control implementation and assessment.
- Experience planning and deploying audit engagements, performing compliance testing and/or data analytics, preferably in a medium to large organization.
- Must be able to attain Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) certification(s) within 6 months of start date.
- Experience planning, administering, and summarizing audit engagements, including the establishment of audit plans, timelines, progress reports, and remedial action documentation and tracking.
- Analytical ability to assess information system compliance against internal standards and policies, as well as all pertinent external regulatory requirements.
- Experience with enterprise risk concepts including strategic, operational and technical risk management, and ability to help propose, draft and monitor risk mitigation solutions.
- US Citizen status is required, as this position will need a US Security Clearance within 1 year of start date.

Highly Desired Skills:

- Experience in Aerospace & Defense industry and/or government contracting.
- Working knowledge of NIST SP 800-171, NIST SP 800-171A and NIST SP 800-53.
- Familiarity with Cybersecurity Maturity Model Certification (CMMC).
- Experience working with DCMA and DCSA customers that administer audits.
- Possession of or ability to obtain a US DOD Secret Security Clearance.
- Excellent communication and interpersonal skills.
- Ability to effectively and clearly compose professional audit reports and convey issues and findings in an organized fashion.
- Ability to independently draft and present detailed audit white papers.
- Ability to become a subject matter expert in RMD Policy RP-IT-SEC-003 (IT Security: Information Risk Management) and RP-IT-SEC-005 (IT Security: Network and Systems).
- Minimum 4 years of experience in IT Audit / Compliance, IT Security, IT Operations, or other related field.
- Familiarity with audit concepts and strategies in a highly complex, regulated environment.
- Ability to work multiple complex initiatives simultaneously.
- Familiarity with US Defense Security Service (DSS) audit procedures.
- Effective interpersonal and presentation skills to navigate challenges and clearly convey thoughts, ideas and suggestions to management and stakeholders.
- Ability to apply critical thinking and navigate relationships to effectively facilitate teams toward a common goal and enable transparency, understanding and cohesion throughout the audit process.
- Work on multiple project assignments and teams simultaneously in a fast-paced, deadline-driven environment.

172558

Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

