Senior Cybersecurity Assessment Analyst

About the position Kearney and Company is seeking a Senior Cybersecurity Assessment Analyst to join our growing team! Responsibilities include but not limited to: Analyze auditor or assessor requests, identify appropriate documentation in coordination with control owners, and review response for appropriateness and compliance Organize, monitor, and follow up on audit requests to provide timely responses Communicate delays and risks with management Review artifacts and draft FMFIA A-123 Appendix A workpapers for supervisor review Conduct A-123 walkthroughs, draft client request, communicate findings Perform review of Plans of Action and Milestones (POA&Ms) to determine sufficiency to remediate findings Perform independent verification and validation (IV&V) of audit finding remediation and clearly document results for management review Organize, monitor, and follow up on delayed audit finding remediation Exercises intermediate knowledge in the use of technologies/systems With supervisor assistance and oversight, prepare for and lead meetings with control owners Performs other consulting duties, as needed Mains all continuing Government and non-Government educational requirements, including GAGAS requirements Responsibilities • Analyze auditor or assessor requests, identify appropriate documentation in coordination with control owners, and review response for appropriateness and compliance • Organize, monitor, and follow up on audit requests to provide timely responses • Communicate delays and risks with management • Review artifacts and draft FMFIA A-123 Appendix A workpapers for supervisor review • Conduct A-123 walkthroughs, draft client request, communicate findings • Perform review of Plans of Action and Milestones (POA&Ms) to determine sufficiency to remediate findings • Perform independent verification and validation (IV&V) of audit finding remediation and clearly document results for management review • Organize, monitor, and follow up on delayed audit finding remediation • Exercises intermediate knowledge in the use of technologies/systems • With supervisor assistance and oversight, prepare for and lead meetings with control owners • Performs other consulting duties, as needed • Maintains all continuing Government and non-Government educational requirements, including GAGAS requirements Requirements • Bachelor's degree in Computer Science, Information Systems, or a related field • Minimum 2 years of experience performing external IT security assessments or audit liaison support for external IT security assessments • Minimum 1 year of external assessment workpaper writing experience, under CIGIE or GAGAS fieldwork requirements • 2 years of federal client experience and requisite understanding of key NIST publications • Ability to be onsite 2 days a week in Alexandria, VA • Professional communication skills and clear business writing • Ability to obtain and maintain a U.S. security clearance (requires U.S. citizenship) Nice-to-haves • OMB A-123, OIG FISCAM, OIG FISMA assessment experience • Diligent One, ServiceNow, ACL or HighBond experience • Professional certification: CISSP, CISA, Security+, CC, CPA Benefits • Medical, Dental, Vision, Life, AD&D, and Disability Insurance • 401(k) Retirement Plan and 529 Education Savings Plan • Flexible Spending & Health Savings Account • Accident, Critical Illness, Hospital Indemnity Insurances • Legal Insurance and Pet Insurance • Employee Assistance Program, fitness and wellness benefits, and other firm benefits • Paid holidays, vacation, and sick time Apply tot his job Apply To this Job