Position: Sr Level Systems Compliance - Audit Engineer
Location: Fort Gregg-Adams, VA (Hybrid)
Clearance: Active Secret
Client: The Defense Commissary Agency (DeCA)
Certifications: IAM Level III (CISSP, GSLC or CISM)
- The selected candidate will be responsible for working with the DeCA ISSM, ISSOs, SCAs and other groups. They will be responsible for ensuring command readiness for all external audits. The individual must have experience working with auditors and Government leadership, and organizing and preparing for audits of Cyber Enterprise compliance, including PCI.
- Leading, coordinating and directing Cyber requirements for Audits and inspections as directed by the Gov.
- Provide compliance oversight at the direction of the Government.
- Oversee, coordinate, and support internal and external system Cybersecurity audits including (but not limited to) PCI, Cybersecurity Service Provider, and CCRI/CCORI. Interact with auditors on audit findings; interact with DeCA PCI ISAs, system administrators, and Information System Security Managers/Officers.
- Participate in DeCA and JFHQ-DoDIN working groups, meetings, and focus groups.
- Coordinate, schedule, and document senior-level briefings as required.
- In preparation for external inspections, track and verify DeCA's compliance with vulnerability management (i.e., flaw remediation) requirements and timelines to ensure an acceptable level of enterprise risk is maintained.
- Perform internal quality assurance reviews and recurring surveys for Cybersecurity programs and related execution in preparation for inspection evolutions.
- Develop enterprise-level cybersecurity near real-time dashboards as required.
- Leverage DoD policies, architectural frameworks, and commercial best practices to design and develop Standard Procedures that satisfy enterprise-scale cybersecurity requirements.
- Provide input for integrating technical, managerial, and operational control enforcement elements into enterprise architecture for system components needed for analysis, design, implementation, testing, accreditation, deployment, and sustainment of cybersecurity features.
- Keep abreast of new enterprise architecture solutions, including leading-edge technologies such as on-premises grid computing, cloud computing, and Service Oriented Architecture (SOA).
- Maintain technical knowledge of evolving technology trends and available COTS products that implement related technologies.
- Must have a Secret security clearance.
- 5 years of ISSO and/or ISSM experience.
- Currently hold certification in good standing to satisfy IAM Level III (CISSP, GSLC or CISM).
- Candidate must be knowledgeable of the following: RMF, PCI, FedRAMP.
- Must have experience in RMF and Vulnerability management.
- Cloud Security experience.
For more open requirements, please visit
CompQsoft Inc. was established in 1997, with headquarters in Houston, TX and an office in Leesburg, VA. CompQsoft offers a range of comprehensive Cyber Security, Infrastructure, Cloud solutions, ERP implementation, Business Intelligence, Application development, Ecommerce applications and Management consulting services. CompQsoft is a Certified CMMI Level 3 practitioner for Development and Services, and is ISO 9001:2015, ISO 27001:2013 & ISO 200001:2011 Certified. CompQsoft is a fast-growing company with a strategy and methodology that is strongly focused on the success of our clients, predominantly the Federal government.
CompQsoft provides equal opportunity in all aspects of employment and in the working environment to all employees and applicants. CompQsoft does not take any nonmerit factors like race, color, religion, sex (gender), mental/physical disability, and age into account for purposes of recruitment, hiring and development.
Visit www.compqsoft.com to learn more about our culture and benefits.