Cybersecurity Auditor – Senior

At The One 23 Group, our mission is to set the benchmark for excellence in government services. We empower our clients in the Department of Defense, Intelligence Community, and Federal Civilian sectors to excel with our advanced capabilities. Our dedication lies in fostering a people-first culture, underpinned by steadfast ethical principles. Embracing innovative technologies and process improvements, we are steadfast in our journey toward a future that is both bright and transformative.

Our expertise spans consulting and analytics, digital workplace solutions, and cyber compliance. With our global footprint, we place a strong emphasis on nurturing our people and culture, which forms the core of our successful strategies in leadership and financial management. We pride ourselves on our extensive experience and effective approach, ensuring that we lead with both innovation and integrity.

The One 23 Group, a Virginia-based Government Contractor, seeks a TOP SECRET/SCI Cleared Senior Cybersecurity Auditor local to Washington DC Metropolitan area.

 We are seeking an experienced Senior Cybersecurity Auditor who will be responsible for leading a team of cybersecurity auditors in conducting comprehensive security analysis of classified and unclassified applications, systems, and networks to ensure compliance with established security requirements. This senior-level role involves performing complex audits, such as Command Cyber Readiness Inspections and cybersecurity vulnerability evaluations, using advanced security techniques and tools. The Cybersecurity Auditor – Senior is responsible for probing the security posture of computer systems, evaluating their safety and effectiveness, and issuing detailed reports with findings and improvement recommendations. This role ensures that the organization’s security policies and systems are aligned with corporate and governmental regulations and standards.

Key Responsibilities:

• Team Leadership: Lead and manage a team of cybersecurity auditors in the execution of security audits and vulnerability assessments across an organization’s classified and unclassified systems.
• Security Audits & Inspections: Plan, execute, and lead Command Cyber Readiness Inspections and other security audits. Conduct cybersecurity vulnerability evaluations using a range of tools and techniques to assess the security posture of systems and networks.
• Audit Documentation & Reporting: Perform thorough documentation of the audit process and accurately interpret audit results. Issue detailed reports summarizing the effectiveness of security controls, identifying any vulnerabilities, and providing actionable recommendations for improvements.
• Process Evaluation: Inspect and evaluate information systems, security controls, and management procedures for compliance with corporate policies and government regulations. Assess the efficiency, effectiveness, and compliance of operational processes.
• Risk-Focused Exams: Develop and administer risk-focused examinations for IT systems to evaluate control practices and exposure levels. Review audit evidence and weigh its accuracy and relevance against audit criteria.
• Stakeholder Collaboration: Work with personnel across the organization to identify security risks, interview stakeholders, and understand operational challenges. Provide best practice recommendations to enhance security at all levels.
• Compliance & Regulations: Ensure that all audit recommendations align with corporate security policies and comply with relevant government regulations. Work with management to implement improvements based on audit findings. 

Qualifications:

• Education: Bachelor’s Degree in Information Technology, Computer Science, or a related technical field. 
• Experience: 
  • Minimum of five (5) years of experience in Information Technology (IT), with a focus on cybersecurity auditing and assessments.

Certifications: Must possess one of the following certifications:

· REQUIRED:

• Certified Information Systems Auditor (CISA)
• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH)
• CompTIA Security+

Clearance: 

• Must possess an active TOP SECRET/SCI clearance.