Key skills
Leadership
About this role
Role Overview
- Perform vulnerability assessments across SEC-supported systems and databases
- Review and analyze vulnerability reports, validate findings, and assess severity and operational impact
- Coordinate with infrastructure, application, and database teams to prioritize and remediate identified vulnerabilities
- Maintain visibility into open vulnerabilities and track progress through remediation and closure
- Support remediation of audit findings from Inspector General iCFR, FISMA, GAO, and SEC OIT Security audits
- Triage new findings to determine ownership, remediation path, and required resources
- Develop and maintain corrective action plans and POA&M tracking to closure
- Validate remediation evidence and document completed actions to support audit closeout
- Perform business process engineering for remediation of vulnerabilities found during vulnerability assessments
- Document remediation requirements, dependencies, and control updates needed to address findings
- Align remediation activities with SEC change control practices, SOPs, and security policies
- Identify process weaknesses and implement improvements to reduce introduction of new vulnerabilities
- Record vulnerabilities, remediation tasks, and status updates in approved tracking/ticketing workflows
- Produce recurring reports on remediation status, risk posture, and aging findings
- Prepare audit artifacts and supporting documentation for compliance reviews and inspections
- Communicate risks, issues, and remediation progress to SEC stakeholders and program leadership
Requirements
- Bachelor's degree
- 8+ years of experience in IT auditing, vulnerability assessment, and audit remediation in enterprise IT environments
- Minimum 5 years of related experience as an IT auditor performing vulnerability assessments and audit remediation, specializing in business process engineering
- Experience assessing system and database vulnerabilities
- Experience recording vulnerabilities and documenting requirements needed to remediate vulnerabilities
Benefits
- competitive compensation
- Health and Wellness programs
- Income Protection
- Paid Leave
- Retirement