What do you get when you bring together the brightest minds and place them into an exciting, fast-paced environment that fosters intellectual growth and rewards based on impact, not tenure?
You get one of the fastest growing consulting companies in the United States. While we may be a new name in consultancy, we were born from a storied one. Guidehouse was founded in 2018 as an evolution of PwC Public Sector with a mission to help our clients deliver on their mission, providing bold new strategies that catalyze transformative results across all ends of the enterprise. We embrace brilliance. We embrace independence. Join us.
Responsibilities include some or all of the following:
- Performing rigorous assessments of IT controls using industry-standard guidance and leading practices
- Performing walkthrough interviews and maintaining communication with a variety of client stakeholders, including system personnel such as system and database administrators
- Requesting, obtaining, reviewing, and analyzing a variety of artifacts to assist in executing IT controls testing such as security plans, SOPs, system screenshots, and system configuration settings
- Evaluating the design and operating effectiveness of IT controls using provided artifacts, industry-standard guidance, leading practices, and professional judgement
- Professionally documenting the results of IT controls test work in a consistent and high-quality manner that would allow a reviewer to repeat the test and reach the same conclusion
- Summarizing and communicating IT controls assessment results to a variety of client stakeholders, including senior leadership personnel
- Planning and executing day-to-day activities of IT controls assessments individually and for the team
- Working with client personnel to understand and analyze known IT control weaknesses, identify root causes, and develop detailed, robust remediation plans
- Providing subject matter expertise to client personnel on all matters relating to IT controls and responding to ad-hoc IT controls requests from client personnel
Demonstrates knowledge and experience in IT risk and controls through IT audits, IT control assessments, and IT security reviews. Demonstrates a working knowledge of FISMA, NIST SP 800 series, FISCAM, and other relevant federal information assurance laws, regulations, and guidance. Experience performing OMB Circular A-123 or similar internal control assessments is highly preferable. Experience remediating and implementing IT controls is beneficial. Experience testing or remediating some or all of the following IT controls topic areas is preferable:
- Access and account management, including authorization, provisioning, recertification, and separation
- Segregation of duties, including identifying and defining segregation of duties risks and conflicts, preventive and detective segregation of duties controls, and understanding the difference between segregation of duties and least privilege
- Technical account management controls, such as password length, complexity, and expiration
- Audit logging and monitoring, including generation of audit logs, use of audit log aggregation and analysis tools, and audit log monitoring and review
- Configuration management, including configuration baseline concepts, baseline deviations, baseline maintenance, monitoring for ongoing compliance with a baseline, and industry-accepted baselines such as DISA STIGs and CIS benchmarks
- Change management, including authorization, development, testing, and deployment of changes
- Contingency planning, including backups, testing of backups, and alternate sites
The individual should have, at minimum, a bachelor's degree in a related field (e.g., Information Systems, Accounting, general business or other technical degree). It is desired that the individual maintains a relevant certification such as the Certified Information Systems Auditor (CISA) or is eligible to attain certification.
Security Clearance: Public Trust
Guidehouse is an affirmative action and equal opportunity employer. Employment decisions will be made without regard to race, color, religion, sex, age, national origin, military status, veteran status, handicap, physical or mental disability, sexual orientation, gender identity, genetic information or other characteristics protected by law.
If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at RecruitingAccommodation@guidehouse.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.