Cybersecurity Auditor - Senior

Cybersecurity Auditor - Senior Location: Remote, with the ability to regularly travel to Ft. Belvoir, VA for meetings
Clearance: Required to possess a DOD SECRET Clearance and be eligible for an IT-II Non-Critical Sensitive security clearance or Tier 3 (T3) upon assignment.

Position Summary
Nationwide IT Services is seeking a Senior Cybersecurity Auditor to perform complex cybersecurity inspections, vulnerability evaluations, and compliance assessments. This role supports DoD mission environments and will lead Command Cyber Readiness Inspections (CCRIs) and penetration testing efforts.
Key Responsibilities

• Conduct complex security analysis of classified and unclassified systems for compliance with DoD requirements.
• Perform Command Cyber Readiness Inspections (CCRIs) and cybersecurity vulnerability evaluations.
• Execute vulnerability and penetration testing on networks, databases, and applications.
• Analyze and define security requirements for enterprise IT systems.
• Develop remediation recommendations and advise leadership on security posture improvements.
• Support compliance evaluations against DISA STIGs and USCYBERCOM CTO compliance programs.
• Provide enterprise-level technical guidance for security risk reduction and system optimization.

Required Qualifications

• Proven proficiency in performing CCRI/ vulnerability assessment/ penetration testing on networks, databases, computer applications, and IT frameworks.
• Seven (7) years of IT experience
• Five (5) years of cybersecurity experience
• Strong analytical and problem-solving skills for resolving security issues.
• Strong skills in implementing and configuring networks and network components.
• Command Cyber Readiness Inspection certification or equivalent in at least one of the following areas:
  • Nessus Scan Analysis
  • Operating Systems (Windows, Unix)
  • Boundary Defense) Network Policy, Router, Firewall)
  • Internal Defense (L2 Switch, L3 Switch)
  • DNS (Policy, BIND/Windows)
  • HBSS (remote console, AV, ABM, PA HIPS, ePO)
  • Traditional Security (Common, Basic, NCV, SCV)
  • Wireless Communications (BES, Handhelds)
  • Tenable Certified NESSUS Auditory
• Knowledge and understanding of DOD security regulations, DISA Security Technical Implementation Guides
  • Understanding of SCAP
  • Knowledge of and proficiency with:
  • VULNERATOR
  • USCYBERCOM CTO Compliance Program
  • Wireless vulnerability assessment
  • Web Services (IIS, Apache, Proxy)
  • Database (SQL Server, Oracle)
  • E mail Services (Exchange)
  • Vulnerability Scans (NESSUS, SCCM)
  • Knowledge of Phishing exercises
  • Cloud Security
  • Operational Technology
  • Artificial Intelligence
  • USB Detection
  • Physical Security
• Required to be a DISA Risk Management Executive, Cyber Standards Branch Certified Command Cyber Readiness Inspection (CCRI) Team Lead, and have a certification in penetration testing, such as:
  • Licensed Penetration Tester (LPT)
  • Certified Expert Penetration Tester (CEPT)
  • Certified Ethical Hacker (CEH)
  • Global Information Assurance Certification Penetration Tester (GPEN)

• Familiarity with AUTOCHECKLIST Tool
• Strong verbal communication skills, including the ability to brief government leadership and technical stakeholders.

Preferred Qualifications

• Experience with VULNERATOR
• Experience with SCCM vulnerability scans
• Experience with Exchange, IIS/Apache/Proxy services, and SQL/Oracle databases

Why Join Nationwide IT Services?
Nationwide IT Services is a trusted government contractor supporting Department of Defense customers. We offer the opportunity to work on high-impact cybersecurity missions alongside experienced professionals in a collaborative and growth-focused environment.