Amyx is seeking to hire a IT Program Auditor-Advanced to support our Cybersecurity Division/NGA Defender in the NCE-Springfield, VA. area. Conducts evaluations of an IT program or its individual components, to determine compliance with published standards.

Develop methods to monitor and measure risk, compliance, and assurance efforts.
• Provide ongoing optimization and problem-solving support.
• Provide recommendations for possible improvements and upgrades.
• Review or conduct audits of information technology (IT) programs and projects.
• Evaluate the effectiveness of procurement function in addressing information security requirements and supply chain risks through procurement activities and recommend improvements.
• Review service performance reports identifying any significant issues and variances, initiating, where necessary, corrective actions and ensuring that all outstanding issues are followed up.
• Conduct import/export reviews for acquiring systems and software.
• Ensure that supply chain, system, network, performance, and cybersecurity requirements are included in contract language and delivered.

Microsoft Office Suites; SharePoint; ITIL, ServiceNow, Xacta, Archer

Required:

• Bachelor degree or higher from an accredited college or university (Recommend an accredited Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree; or a degree in a Mathematics or Engineering field.)
• Clearance: TS/SCI
• 8140 Certification: CCISO or CCSP or CISA or CISM or CISSP or GSLC
• Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system.
• Skill in conducting audits or reviews of technical systems
• Skill to translate, track, and prioritize information needs and intelligence collection requirements across the extended enterprise.
• Ability to ensure security practices are followed throughout the acquisition process.

Desired:

• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
• Knowledge of cybersecurity and privacy principles.
• Knowledge of cyber threats and vulnerabilities. Knowledge of specific operational impacts of cybersecurity lapses.
• Knowledge of industry-standard and organizationally accepted analysis principles and methods.
• Knowledge of information technology (IT) architectural concepts and frameworks.
• Knowledge of Risk Management Framework (RMF) requirements.
• Knowledge of resource management principles and techniques. Knowledge of system life cycle management principles, including software security and usability.
• Knowledge of how information needs and collection requirements are translated, tracked, and prioritized across the extended enterprise.
• Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161). Knowledge of import/export control regulations and responsible agencies for the purposes of reducing supply chain risk.
• Knowledge of supply chain risk management standards, processes, and practices.
• Knowledge of risk threat assessment.
• Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
• Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).
• Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
• Knowledge of how to leverage research and development centers, think tanks, academic research, and industry systems.
• Knowledge of information technology (IT) acquisition/procurement requirements.
• Knowledge of the acquisition/procurement life cycle process.

Benefits include:

• • • Medical, Dental, and Vision Plans (PPO & HSA options available)
    • Flexible Spending Accounts (Health Care & Dependent Care FSA)
    • Health Savings Account (HSA)
    • 401(k) with matching contributions
    • Roth
    • Qualified Transportation Expense with matching contributions
    • Short Term Disability
    • Long Term Disability
    • Life and Accidental Death & Dismemberment
    • Basic & Voluntary Life Insurance
    • Wellness Program
    • PTO
    • 11 Holidays
    • Professional Development Reimbursement

Please contact talent@amyx.com with any questions!

Amyx is an Equal Opportunity employer. Amyx is committed to providing equal employment opportunity to all job seekers. Every qualified applicant receives focused consideration for employment and no one is discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status. In addition to federal law requirements, Amyx complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Equal Opportunity Employer- Minorities/Females/Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity. Amyx is an E-Verify employer.

Amyx proudly and proactively takes affirmative action to advance employment of individuals who are minorities, women, protected veterans and individuals with disabilities.


Physical Demands

Employee needs to be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear. Most positions require ability to work on desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and providing recommendations, summaries and/or reports in written format. Must be able to effectively communicate with others verbally and in writing. Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Regular and predictable attendance is essential.