IT and Cyber Risk Auditor Principal

Responsibilities for this Position

Location: USA MD La Plata
Full Part/Time: Full time
Job Req: RQ214745


Type of Requisition:
Regular

Clearance Level Must Currently Possess:
Top Secret SCI + Polygraph

Clearance Level Must Be Able to Obtain:
Top Secret SCI + Polygraph

Public Trust/Other Required:
None

Job Family:
Cyber and IT Risk Management

Job Qualifications:

Skills:
Cyber Risks, Cybersecurity Controls, Cybersecurity Risk Management, Security Controls, Security Risk
Certifications:
None
Experience:
8 + years of related experience
US Citizenship Required:
Yes

Job Description:

Own your opportunity as an IT & Cyber Risk Auditor Principal at GDIT. You'll lead enterprise-level IT and cybersecurity risk and compliance assessments that help secure the systems and data vital to our national security missions. At GDIT, the mission is our purpose, and our people are at the center of everything we do.

As a trusted audit leader, you'll evaluate cyber and IT controls, identify risk exposure, and influence remediation strategies while partnering with cross-functional teams to strengthen enterprise risk posture. Your work will have meaningful impact across federal government and defense programs.

Responsibilities:

• Lead and execute rigorous IT and cybersecurity risk audits and assessments
• Evaluate IT general controls, cybersecurity controls, and risk management processes.
• Assess compliance with federal frameworks and guidance (e.g., NIST, RMF, FISMA, FedRAMP, ISO 27001)
• Identify and document control gaps, risk exposures, and areas for process improvement.
• Provide risk-based recommendations and actionable insights to senior leadership and stakeholders.
• Support preparation of audit reports and executive briefings
• Manage and execute system Certification and Accreditation processes, ensuring compliance with security controls and requirements outlined in agency policies.
• Collaborate with cybersecurity, IT, compliance, and program teams to drive remediation and sustainable improvements.
• Participate in internal and external audit activities, including customer assessments.
• Experience using XACTA data base applications and the ICD 503, NIST 800-83 rev4 policy
• Review monthly vulnerability scan reports and track and address weaknesses in plans as needed.
  • Perform security system event analysis, investigation, and validation
  • Provide incident response to classification spills, malware infection, misconfiguration exposure, internal inappropriate behavior and technical issue
  • Perform Security Technical Implementation Guide (STIG) and Federal Information Security Management Act (FISMA) assessments and annual reporting

Required Qualifications:

• 8+ years of progressive experience to an intermediate level in IT audits, cybersecurity risk management, or information assurance.
• TS/SCI w/CI poly.
• Security+CE.
• Expertise with cybersecurity and IT control frameworks and compliance requirements.
• Experience conducting complex IT and cybersecurity audits in government or federal contracting environments.
• Experience with cloud security risk assessments and modern technologies
• Clear and effective communication skills with the ability to influence technical and executive audiences.
• Ability to multi-task, prioritize, and re-prioritize work in a fast-paced environment.
• Ability to learn an application environment in order to update or create supported security documentation.

Preferred Qualifications:

• Bachelor's degree or equivalent military training in Information Systems, Cybersecurity, Computer Science, Accounting, or related field.
• Applicable certifications include: CASP+, CGRC/CAP, GSEC, GSNA, SSCP, CISSP, CISM.
• Currently hold certification in good standing to satisfy IAM Level II (Information Assurance Management Level 2) per DoW 8570/8140.
• Successfully completed Tier 5 Investigation (T5), formerly known as a Single Scope Background Investigation (SSBI) by the federal government within the last 5 years, or requires candidate to have been enrolled in a Continuous Vetting program within the last 5 years.

GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.

• Growth: AI-powered career tool that identifies career steps and learning opportunities.
• Support: An internal mobility team focused on helping you achieve your career goals.
• Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
• Community: Award-winning culture of innovation and a military-friendly workplace.

OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and you'll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.

The likely salary range for this position is $110,500 - $149,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours:
40

Travel Required:
Less than 10%

Telecommuting Options:
Onsite

Work Location:
USA MD La Plata

Additional Work Locations:

Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at
gdit.com/tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

PI282324162

Back To Search Results

GDIT supports and secures some of the most complex government, defense, and intelligence projects across the country.

Ask A Question

Share this job

URL Copied!

• #OpportunityOwned
• #WeAreGDIT
• #GDITCareers