IT Audit Advisory Consultant/FISCAM SME

We are seeking a highly skilled and experienced IT Audit Advisory Consultant/FISCAM SME to join our team. This position will require the candidate to work closely with government customers, contractor Project Lead, Information Systems Security Officer (ISSO), Application Vendor, and Application End Users. The role demands an individual who is proactive, detail-oriented, and capable of working independently while adhering to customer requirements and timelines.

Duties and Responsibilities:

Design, develop, and implement IT corrective action plans (CAPs) for self-identified deficiencies (SIDs) and external IPA findings
• Perform CAP validation testing for completed remediation activities
• Perform baseline review assessments (e.g., FISCAM) to assess system readiness and remediate identified deficiencies
• Monitor, track, and report on IT CAP statuses and third-party risk management (e.g., service providers)
• Develop risk-based approaches for prioritization of IT findings
• Perform advisory services for risk management framework (RMF) activities to support system team IT control implementations in accordance with financial management overlay
• Integrate leading practices for IT audit remediation

Required Qualifications:

• Clearance: TS/SCI with polygraph (or ability to obtain SCI and pass polygraph).
• Education/Experience: Bachelor's + 8 years relevant experience OR a Master's Degree and 6 years of relevant experience. An additional 4 years of experience may be considered in lieu of degree.
• Certification: Active Security+ (DoD 8570 IAT Level II).
• Other Skills:
• Ability to learn IT general controls (ITGC), Financial Information System Control Audit Manual (FISCAM), and National Institute of Standards and Technology Special Publication (NIST) 800-53v4
• Ability to understand IT audit finding recommendations to translate those requirements to functional/technical stakeholders
• Ability to understand business processes in order to develop and implement new controls to mitigate or remediate identified IT audit gaps
• Experience with risk analysis and assessment determinations incorporating system/mission owner, and unique operational constraints

Desired Qualifications:

• Clear communicator with both technical and non-technical stakeholders.
• Ability to manage and prioritize tasks independently.
• Strong written/verbal communication.
• Experience with Xacta
• Familiar with Configuration Management
• Experience with effective policy, instruction, and development for Federal or DoD Information Security Programs
• Experience with performing Security Control Assessment in compliance with NIST SP 800- 37, NIST SP 800-53, NIST SP 800-53A, and other NIST 800 guide series

Peraton offers enhanced benefits to employees working on this critical National Security program, which include heavily subsidized employee benefits coverage for you and your dependents, 25 days of PTO accrued annually up to a generous PTO cap and participation in an attractive bonus plan.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.