IT Systems Engineer / Compliance Audit Technician is responsible for maturing the compliance audit program. The engineer/technician understands technical support, troubleshooting and able to perform scripting/programming to ensure stable and efficient operation of technology solutions. Familiarity with Windows and UNIX operating systems is needed along with an understanding of Firewalls, z/OS, and IDS/IPS.

Essential Job Functions
•Communicate with system owners and perform security documentation updates to meet annual audit requirements.
•Manage documentation and evidence repositories for access during audit events.
•Participate in discussions with all levels of leadership to articulate current state of the program.
•Perform assessments, remediation, implementation and integration of end-to-end solutions in these areas. Deliver advisory services focused on security compliance to IT management for external and internal systems.
•Evaluate and test controls in accordance with DISA, NIST STIGs
•Develop policies and procedures and ensures that the current procedures are updated with current information and available for review for compliance with DISA policies, procedures, and standards.
•Perform security vulnerability remediation and configuration activities by preparing security-related documentation for a 3rd-party review and assessment.
•Track, manage, and assist in the remediation of plans of actions and milestones.
•Provide supporting artifacts on a quarterly basis to external and internal management teams for IT Audits.
•Provide weekly and monthly status updates via dashboard and reports.
• May provide input into infrastructure architecture designs
• Writes programming/scripting
• Ensures execution and alignment to architectural standards and blueprints.
• May contribute input to infrastructure architecture

Minimum Job Requirements:
• 4 or more years demonstrated proficiency and experience in design, implementation, monitoring and troubleshooting technology or equivalent combination of transferrable experience and education.
• Bachelor’s degree in an IT related field or equivalent work experience
• Extensive working knowledge of multiple technologies and their interfaces and integration
• Competent working in one or more environments highly integrated with an operating system.
• Extensive experience implementing and administering/managing technical solutions in major, large-scale system implementations
• High critical thinking skills to evaluate alternatives and present solutions that are consistent with business objectives and strategy.
• Ability to manage tasks independently and take ownership of responsibilities
• Ability to learn from mistakes and apply constructive feedback to improve performance
• Ability to communicate technical information clearly and articulately
• Ability to adapt to a rapidly changing environment
•Have the ability to lead resources and review deliverable in a timely manner.
•Project Management exposure

Preferred Criteria:
• Experience analyzing business requirements and translating them into technical solutions
• Experience using Agile methodology
•Experience performing IT controls testing based on DISA and/or NIST compliance..
•Have a deep understanding of multiple DISA STIGs as they relate to the desktop or server environment to include application compliance and auditing.
•Experience with patching and vulnerability remediation/tracking
•Experience with SCCM or related enterprise patch management solution.
•Experience with FISMA compliance and implementation of baseline controls.
•Experience with Tripwire IP360, Tenable Nessus, Nexpose or related scanning tools.
•Have experience in performing audit-related test work, preferably on general computer controls.