Website Cotton & Company, LLP
Serving the Public Interest
Cotton & Company LLP seeks a talented Cyber Security Auditor to supervise and perform tasks related to conducting technical cyber security audits of various federal agencies and their contractors. The auditor will be responsible for the planning, organization, and supervision of multiple IA audit and consulting engagements. Responsibilities will include overseeing and performing tasks related to the review and evaluation of computer-based systems, auditing general and application controls in complex IT environments, and participating in the hiring and development of staff and senior IA auditors.
- Plan, organize, and manage the work on engagements, including delegating segments to staff and senior IA auditors
Monitor budget and project progress to ensure work is completed on-time and within budget.
- Develop and implement work plans designed to achieve identified objectives.
- Prepare audit reports for clients, conveying audit findings and recommendations.
- Execute the daily activities of the engagement.
- Maintain communication with partner(s) regarding engagement progress, staff performance, and budget issues.
- Participate in the development of staff and senior level employees.
- Foster an efficient and team-oriented work environment.
Interact with clients on a regular basis and maintain excellent client relations.
- Participate in the bid and proposal process.
- Bachelor’s Degree from an accredited college/university in Computer Science, Information Systems, Accounting Information Systems, Decision Support Systems, Business Information Technology, or Information Security Assurance.
- Minimum 5 years cyber security, IT audit or consulting experience, preferably in the Government sector, but experience may also include Sarbanes-Oxley (SOX) 404 experience.
- CEH, CPT, or CISSP certification is preferred.
- Federal government experience, knowledge of federal laws including OMB A-130, NIST Special Publications, and FISMA.
- Knowledge of FISCAM and/or COBIT methodology.
- Understanding of general and application controls, basic financial applications and network operations.
- Experience performing vulnerability assessments and/or attack and penetration work.
- Audit experience working with Windows, nix operating systems, SQL and Oracle database platforms.
- Experience working with security and penetration tools such as WireShank, Nessus, Metasploit, or other similar tool sets.
- Experience consulting or auditing network architectures, firewall configuration, rule sets, and SIEM implementations.
- Ability to supervise, delegate, motivate and provide feedback to staff and seniors.
- Strong verbal and written communication skills.
- Ability to travel up to 25% annually.
- Ability to obtain a U.S. federal security clearance (U.S. Citizenship is required).
At Cotton, we believe that work should offer intellectual challenge, be fun, and allow for a healthy work/life balance. Our competitive compensation and benefits feature incentives that work, including professional certification, tuition reimbursement, and an individualized mentorship program. A challenging career with an opportunity for real personal and professional growth. First-class government clients that offer solid experience and major prestige. A company and employees with a solid reputation for excellence. A welcoming, mentoring workplace, and an approach to work that leaves time for your life outside the office. That’s the philosophy of work and life you’ll find at Cotton & Company. If you share our outlook and philosophies, we invite you to inquire about joining our team.
Cotton & Company is an Equal Opportunity Employer
To apply for this job email your details to firstname.lastname@example.org