Senior IT Auditor

Tharros is seeking a Senior IT Auditor for an upcoming program supporting a US Navy customer located at NAS North Island. The Senior IT Auditor oversees a staff of IT auditors responsible for cybersecurity compliance assessment and monitoring in support of customerand associated training networks and systems. This position manages all cybersecurity compliance readiness assessment and cybersecurity threat detection and analysis activities, evaluates IT infrastructure risk, and ensures audit and inspection readiness across all performance locations.

• Determine and recommend improvements in current risk management controls and implementation of system changes or upgrades.
• Developinformation systems auditing procedures and train staff on compliance guidelines; monitor procedures and provide top management with reports.
• Managesubordinate staff in the day-to-day performance of their jobs as a true first-level manager.
• Ensure that project and budget milestones/goals are adhered to;demonstratefull authority for personnel actions and extensive knowledge of department processes.
• Apply knowledge of Live, Virtual, Constructive (LVC) training systems to cybersecurity audit and compliance activities.
• Lead preparations for Command Cyber Readiness Inspections (CCRI), Cybersecurity Inspections, Command Cyber Operational Readiness Inspections, DoD/DoNIG inspections, internal cyber inspections, and all other cyber-related inspections. Cooperate with andassistaudits, surveys, or inspections conducted internally or by authorized external Government agencies or contractors.
• Direct assessment and documentation of cybersecurity posture for applicable training networks and systems IAW all applicable requirements. Oversee the development and submission of technical reports on risk assessment findings.
• Direct the process of cyber readiness audits IAW specific CCRI, Cybersecurity Inspection, CCORI, DoD/DoN IG, and other inspection requirements. Oversee the development and submission of technical reports on audit findings.
• Direct audits of all CSWF contractor personnel supporting the customer to ensure personnel are identified, categorized, certified, qualified, and competent. Oversee submission of CSWF reports.
• Direct follow-up assessments to ensure audit findings are properly corrected. Oversee submission of follow-up technical reports.
• Oversee monitoring of system logs and intrusion sensors for indications of network attack, misuse, anomalies, intrusion, and unauthorized activities oncustomernetworks. Direct detection of precursor activities and Cyber Hunt/anomaly detection operations. Coordinate with authorized outside Government agencies to resolve incidents.
• Oversee the determination of incident significance and reporting of incidents to the ISSM or designated Government representative. Ensure support for corrective and resolution actions IAW applicable guidance.
• Direct tracking and analysis of security incident patterns. Oversee developmentofrecommendationsfor protective and defensive strategies, tactics, and actions.

• 5+ years of experience in support of DoD cybersecurity compliance frameworks, including DoDI 8500.01, DoDI 8510.01, NIST SP 800-53, NIST SP 800-30, and NIST SP 800-37.
• 3+ years of demonstrated managerial experience overseeing IT audit and cybersecurity compliance teams.
• IAT Level II minimum - in accordance with DoD 8140.01
• Active Top Secret DoD Clearance.
• Experience with CCRI, Cybersecurity Inspection, and IG audit processes and requirements.
• Knowledge of intrusion detection/prevention systems, SIEM tools, and network security monitoring technologies.
• Familiarity with Navy Live, Virtual, Constructive (LVC) training systems and customer network architecture.
• Strong leadership skills for managing a dispersed, multi-site workforce.
• Ability to develop auditing procedures, train staff, and provide management-level reports.
• Strong technical writing skills for oversight of deliverables.