IT and Cyber Risk Auditor
Gdit
Help safeguard critical government systems by applying your hands‑on ISSM/ISSO experience to security governance, risk evaluation, and compliance oversight. As an IT and Cyber Risk Auditor at GDIT, you will leverage your background managing RMF controls, system documentation, and continuous monitoring activities to deliver thorough, accurate, and mission‑focused security assessments. This role is ideal for cybersecurity professionals who have previously served as an ISSM or ISSO and are seeking to transition into a dedicated risk, audit, and compliance position where they can influence security posture across multiple systems and programs.
MEANINGFUL WORK AND PERSONAL IMPACT
As an IT and Cyber Risk Auditor, the work you do at GDIT will have a direct and measurable impact on our customer’s mission. You’ll help ensure the integrity, security, and compliance of their IT systems by identifying potential risks, validating critical controls, and supporting continuous improvement efforts. Your work will enhance operational resilience and enable the customer to execute their mission with confidence.RESPONSIBILITIES
Conduct comprehensive security audits and RMF control assessments in accordance with DCSA, JSIG, and SAP security requirements, leveraging prior ISSO/ISSM experience. Review, validate, and improve security documentation and artifacts such as SSPs, POA&Ms, Continuous Monitoring outputs, and other evidence required by RMF and DCSA assessment standards. Develop, implement, and oversee operational information system security policies and guidelines aligned with the Risk Management Framework (RMF), JSIG, and applicable DCSA directives. Evaluate system security controls for effectiveness, completeness, and compliance with NIST SP 800‑53, DCSA/DoW requirements, JSIG standards, and internal organizational policies. Collaborate with ISSOs, ISSMs, SAP security personnel, and technical teams to analyze findings, recommend remediation actions, and ensure timely correction of identified vulnerabilities. Analyze system changes, configuration updates, and vulnerability data to determine authorization impacts, risk‑level changes, and required updates under RMF and JSIG/SAP processes. Support ongoing ATO and SAP authorization maintenance by tracking assessments, evidence submissions, and documentation required throughout the RMF and JSIG lifecycles. Prepare and deliver clear, risk‑focused briefings to system owners, DCSA assessors, SAP authorities, and other stakeholders regarding compliance status, audit results, and security‑related decisions.WHAT YOU’LL NEED TO SUCCEED
Education: Bachelors degree Experience: 2+ years of related experience as a prior ISSO/ISSM. In lieu of degree, additional 4+ years of work experience/training/education will be required. Certifications: IAT II (Security +, SSCP, CCNA Security). Technical skills: Strong understanding of NIST SP 800‑53, DoW cybersecurity requirements, and control implementation/assessment practices. Familiarity with Windows/Linux environments, vulnerability tools, and security baselines. Prior SAP experience desired. Security clearance: Must have an active Top Secret clearance in order to be considered, and the ability to obtain and maintain TS/SCI clearance. US citizenship required. Role requirements: Onsite, 5 days/week in Falls Church, VA office location.GDIT IS YOUR PLACE
Growth: AI‑powered career tool that identifies career steps and learning opportunities. Support: Internal mobility team focused on helping you achieve your career goals. Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off. Community: Award‑winning culture of innovation and a military‑friendly workplace. #J-18808-Ljbffr General Dynamics Information Technology- Centrus Energy Corp. in Bethesda, Maryland is seeking a skilled Sr. IT Auditor to oversee IT systems, cybersecurity practices, and ensure compliance with risk management standards. In this role, you will evaluate system controls and partner with IT, finance, and operations...CyberRisk
- General Dynamics Information Technology is seeking an IT and Cyber Risk Auditor in Falls Church, VA. The role emphasizes hands-on ISSO/ISSM experience, RMF control assessments, and security documentation validation to uphold DCSA and JSIG standards. You will collaborate...CyberRisk
- ...Auditor The Auditor will work within a team consulting and auditing both financials and... ...Standards. Review and evaluate financial risk, financial reporting and accounting... ...that specializes in Information Technology (IT), Cyber Security, Accounting & Finance, Business...CyberRiskTemporary workLocal area
- Capital One is seeking a Principal Auditor for Cyber, Risk, and Analysis Technology Audit. The role focuses on evaluating technology risks and leading audits of critical functions including cloud technologies. The ideal candidate will have robust auditing experience and...CyberRisk
- General Dynamics Information Technology is seeking an IT and Cyber Risk Auditor to help safeguard critical government systems. The ideal candidate will have prior ISSO or ISSM experience, a Bachelor's degree, and active Secret clearance. This position involves conducting...CyberRisk
$164.8k - $188.1k
Capital One is seeking a Manager in Cyber Risk & Analysis in McLean, VA. You will apply technical expertise and risk management skills to lead the Risk Management Strategy for a major technology modernization program within the Retail Bank Division. The role involves collaborating...CyberRisk- A leading financial services firm in McLean is seeking a Manager to join their Cyber Tech & Product Risk team. The role involves applying risk management expertise to enhance the organization's cyber risk profile and drive strategic change. Responsibilities include risk...CyberRisk
- ...providing administrative, technical, and analytical expertise of the Risk Management Framework with knowledge of network operations and... ...CCMD equities and participating in the regularly scheduled CCMD Cyber Scorecard Sync, and other DoW Cyber Hardening/ Hygiene Scorecard...CyberRisk
$131.3k - $149.8k
Capital One seeks a Cyber Risk Manager in McLean, VA, to enhance their security posture. The role emphasizes collaboration with technical teams and thorough understanding of risk frameworks. Ideal candidates will have at least 3 years in cybersecurity, strong knowledge...CyberRisk$151.9k - $173.4k
Capital One is looking for a motivated Program Manager to join their Cyber Execution and Transformation team in McLean, VA. You will play a crucial role in driving key cyber initiatives, using your problem-solving skills and technical background to oversee complex projects...CyberRiskFull time- ...is seeking a Cybersecurity Analyst to join the Federal Strategic Cyber group in a hybrid role based in Arlington, VA. You will... ...Baselines, develop and automate security configurations, and support risk-based decision-making. The role requires strong domain expertise...CyberRisk
- Lafayette Group Inc. is seeking an experienced Cyber Solutions Architect to provide advanced consulting for federal cybersecurity programs... .... The ideal candidate will offer technical expertise in vendor risk assessment and cyber supply chain risk management to ensure...CyberRisk
- ...Overview Job Title: Cyber Security Lead Location: Ft. Belvoir, VA or Quantico, VA Clearance: Active Secret Clearance required Employment... ...and networks to ensure compliance with DoD standards and the Risk Management Framework (RMF). The ideal candidate combines strategic...CyberRiskContract work
- Partner Forces LLC, located in Arlington, Virginia, is seeking a Cyber Solutions Architect to provide key cybersecurity expertise for... ...thinking and technical proficiency in managing cyber supply chain risks. The ideal candidate will have over 7 years of experience in...CyberRisk
- Airbus U.S. Space & Defense, Inc. is seeking a Cyber Security Product Risk Manager who collaborates with Cyber, Space Engineering, and Contracts to ensure hardening requirements are met for spacecraft products. Responsibilities include developing security event detection...CyberRisk
- MartinFederal Consulting, LLC is seeking a Lead Cyber Security Engineer in Arlington, Virginia, to provide technical leadership in cybersecurity... ...leading implementation of cybersecurity solutions, conducting risk assessments, and mentoring technical teams. A Master's Degree...CyberRisk
- Capital One is looking for a Senior Cyber Program Manager in McLean, VA, to lead the Cyber Strategy and Reporting team. This role involves managing cyber risks, developing executive-level reporting, and facilitating communication across diverse stakeholder groups. The ideal...CyberRiskFull time
$131.3k - $149.8k
Capital One National Association is seeking a Principal Risk Specialist, Tech & Cyber Risk in McLean, VA. This high-impact role involves driving end-to-end risk management and collaborating with technology stakeholders to identify and mitigate risks. The ideal candidate...CyberRisk- Airbus U.S. Space & Defense, Inc is seeking a Cyber Security Product Risk Manager to collaborate with Cyber, Space Engineering and Contracts to ensure products meet hardening requirements across the product life cycle, including spacecraft components. The role emphasizes...CyberRisk
- Ampcus, Inc in McLean, VA, is looking for a Risk Advisor to support enterprise risk management, focusing on data and cyber risk. The role involves collaboration with various teams to ensure compliance within regulatory requirements. Candidates should have strong knowledge...CyberRisk
- General Dynamics Information Technology is seeking a Cyber Risk and Compliance Specialist - Artificial Intelligence Governance to bridge AI research with practical governance oversight. This hybrid role requires collaboration across the AI/Data team and cyber risk functions...CyberRisk
$86.8k - $198k
Booz Allen Hamilton is seeking a cyber security specialist to utilize experience in Risk Management Framework and system maintenance for U.S. military software solutions. You will address technical challenges and enhance DevSecOps processes. Ideal candidates will have a...CyberRisk$107.9k - $195.05k
...team to identify, assess, and prioritize risks to DISA and DoD mission partners, as well... ...Configuration Management documentation. Conduct cyber situational awareness activities and... ...operational. Recommend and implement changes to IT systems in accordance with DoD directives....CyberRisk- ...and technical support. The successful candidate will manage programmatic risk analysis and coordinate DARPA-funded testing activities. The ideal candidate should have expertise in offensive cyber operations, vulnerability research, and reverse engineering. A TS/SCI clearance...CyberRisk
- Information Technology Senior Management Forum is seeking a Cyber Program Manager to oversee key cybersecurity initiatives within a fast... ...skills. This position requires a proactive approach to identify risks and contributing effectively to cyber initiatives. #J-18808-...CyberRisk
- A growing decision analytics firm is seeking a Junior Cyber Risk Data Engineer/Analyst in Arlington, VA. This role emphasizes data-driven capabilities in cyber risk management, where you'll manage risk assessment data, connect with external threat databases, and assist...CyberRisk
- ...role. Nightwing provides technically advanced full-spectrum cyber, data operations, systems integration and intelligence mission support... ...cloud security posture management, compliance validation, and risk mitigation for cloud-enabled capabilities. Responsibilities:...CyberRiskContract workLocal areaImmediate start
- ...support of major networks; reviews and evaluates network performance, risk and financial analysis feasibility studies. Oversees the... ...consulting solutions in the areas of national defense, homeland and cyber security. TENICA provides knowledgeable and experienced subject...CyberRiskWork at office
$125k - $145k
...support for federal cybersecurity programs. The Cyber Solutions Architect provides enterprise-... ...to support federal cyber supply chain risk management and interagency collaboration.... ...automation-enabled processes. Provide enterprise IT and systems ecosystem advisory to senior...CyberRiskContract work- Peraton is seeking a Notification Specialist in Arlington, VA, to monitor cybersecurity incidents and provide risk briefings to government entities. Candidates must possess a Bachelor’s degree, at least 3 years of experience, and a Top Secret security clearance. Responsibilities...CyberRisk
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to IT and Cyber Risk Auditor. Be the first to apply!
- cyber Falls Church, VA
- risk Falls Church, VA
- technology risk Falls Church, VA
- risk assurance Falls Church, VA
- IT delivery manager Falls Church, VA
- IT coordinator Falls Church, VA
- IT site lead Falls Church, VA
- information technology work from home Falls Church, VA
- entry level IT tech Falls Church, VA
- entry level computer information technology Falls Church, VA


