Cybersecurity Auditor

Electrosoft Services, Inc. is an award-winning company that provides comprehensive technology-based solutions and services to federal customers. While cybersecurity is our specialty, we also focus on ICAM, enterprise IT modernization, and software solutions. We always seek to delight our customers, so we retain highly qualified employees and offer them meaningful work, growth opportunities, and work-life balance. What sets us apart from all other contractors is the sense of teamwork our employees feel - and the knowledge that outstanding effort is recognized and rewarded. The camaraderie we share emanates from Lunch & Learn sessions where we explore new ideas together, fun group activities ranging from escape rooms to miniature golf, and much, much more. If we've described you and your dream workplace, please apply and share in the many benefits and opportunities we offer. Senior Cybersecurity Auditor Responsibilities and Duties: Independently performs complex security analysis of classified and unclassified applications, systems, and enclaves for compliance with security requirements. Performs Command Cyber Readiness Inspections and cybersecurity vulnerability evaluations. Uses a variety of security techniques, technologies, and tools to evaluate security posture in highly complex computer systems and networks. Performs vulnerability and risk analysis and participates in a variety of computer security penetration studies. Analyzes and defines security requirements for computer and networking systems, to include mainframes, workstations, and personal computers. Recommends solutions to meet security requirements. Gathers and organizes technical information about an organization's mission goals and needs and makes recommendations to improve existing security posture. Provides enterprise-wide technical analysis and direction for problem definition, analysis and remediation for complex systems and enclaves. Provides workable recommendations and advice to client executive management on system improvements, optimization, and maintenance in the following areas: Information Systems Architecture, Automation, Telecommunications, Networking, Communication Protocols, Application Software, Electronic Email, VOIP and VTC. Competence to work at the highest level of all phases of information systems auditing. Basic Qualifications:

• Associates or higher degree preferred
• Proven proficiency performing CCRI/ vulnerability assessment/ penetration testing on networks, databases, computer applications and IT frameworks.
• Seven (7) years of IT experience
• Five (5) years of cybersecurity experience
• Strong analytical and problem-solving skills for resolving security issues.
• Strong skills implementing and configuring networks and networks components.
• Command Cyber Readiness Inspection certification or equivalent in at least one of the following areas:
• Nessus Scan Analysis
• Operating Systems (Windows, Unix)
• Boundary Defense) Network Policy, Router, Firewall)
• Internal Defense (L2 Switch, L3 Switch)
• DNS (Policy, BIND/Windows)
• HBSS (remote console, AV, ABM, PA HIPS, ePO)
• Traditional Security (Common, Basic, NCV, SCV)
• Wireless Communications (BES, Handhelds)
• Tenable Certified NESSUS Auditory
• Knowledge and understanding of DOD security regulations, DISA Security Technica Implementation Guides
• Understanding of SCAP
• Familiarity with AUTOCHECKLIST Tool
• Knowledge of and proficiency with:
• VULNERATOR
• USCYBERCOM CTO Compliance Program
• Wireless vulnerability assessment
• Web Services (IIS, Apache, Proxy)
• Database (SQL Server, Oracle)
• Email Services (Exchange)
• Vulnerability Scans (NESSUS, SCCM)
• Knowledge of Phishing exercises
• Cloud Security
• Operational Technology
• Artificial Intelligence
• USB Detection
• Physical Security
• Required to possess experience as a DISA Risk Management Executive, Cyber Standards Branch Command Cyber Readiness Inspection (CCRI) or Cyber Operational Readiness Assessment (CORA) Team Lead and have a certification in penetration testing, such as:
• Licensed Penetration Tester (LPT)
• Certified Expert Penetration Tester (CEPT)
• Certified Ethical Hacker (CEH)
• Global Information Assurance Certification Penetration Tester (GPEN)
• Security Clearance Level: SECRET and be eligible for an IT-II Non-Critical Sensitive security clearance or Tier 3 (T3) upon assignment.

Apply tot his job Apply To this Job