Audit and Advisory Associate Intern (DOD Skillbridge)
Job Summary:
The Audit and Advisory Associate Intern (AAA-I) employs their experience in security tools, security solutions, internal audit, IT governance and compliance initiatives to assist with security assessments and compliance initiatives. Starting with coordination of assessment tasks with the client, the AAA-I also prepares the tools for the assessment including setup of the clients assessment portal and scanning tools. Through a coordinated effort with the VP and Director, the AAA-I helps identify, collect and validate assessment evidence provided by the client to ensure that the evidence provided addresses control requirements. The AAA-I participates in controls testing and physical security evaluations when required. The AAA-I serves in a quality role for reporting. Lastly, the AAA-I has an important role in ensuring that the Tego’s security offerings are fresh, responsive to industry trends, effective against rapidly changing threats and are specific to the Tego target market. The AAA-I is familiar with cyber security industry best practices and provides support across the company, including researching and analyzing both global and client-specific security trends. The AAA-I also assists with internal audits supporting Tego’s certifications and attestations. Successful candidates must pass an extensive background check. Successful completion of the Audit and Advisory Associate Internship will qualify the intern for evaluation as a full time Audit and Advisory Associate.
Target MOCs:
255S, CTN, 184X, 175X, 3DOX3, 0681, CYB13
Essential Functions:
- Proficient communication skills with demonstrated ability to translate complex information into layman’s terms for internal and external non-technical stakeholders.
- Proficiency with various privacy and security regulations applicable to Tego’s business
- Proficiency with Internal Audit best practices as identified by ISACA and AICPA
- Proven teamwork skills, including conflict resolution and collaboration.
- Training skills with experience and ability to develop and deliver technical training programs and related materials in support of customers’ and Tego employees.
- Intellectual curiosity and self-motivation including a thirst for learning and applying cyber security industry standards and innovations that can improve the business.
- Strong technical and business acumen to identify how business systems work together, the cyber security threats that jeopardize the effectiveness of business systems, and best practices to prevent human error and other security breaches.
- Basic problem-solving skills, including ability to conduct research, analyze factors, evaluate solutions, and persist to resolution or implementation.
- Fundamental understanding of IT environments
- Knowledge of the features, tools, and processes used for maintaining network and Internet security. Ability to develop and implement safeguards for the prevention of intrusion and unauthorized access to the organization’s network security system.
- Knowledge of and the ability to manage processes, tools, techniques, and practices for assuring adherence to standards associated with accessing, altering, and protecting organizational data.
Preferred Skills:
CISA, CISSP and/or CISM certification.
Location:
Virginia, North Carolina, South Carolina
Additional Details:
The Audit and Advisory Associate Intern (AAA-I) will start with an approximately four week mentored and self-guided training program including:
- orientation to Audit and Advisory services
- orientation to NIST Special Publications and Federal Information Processing Standards
- an introduction to CMMC and HIPAA compliance requirements and the ISO 27001 security standard.
The AAA-I is expected to complete ISACA ITCA-Cybersecurity Fundamentals training and pass the certification exam. As the AAA-I progresses through training, they will be gradually included in active Audit and Assessment engagements. Tasks will include:
- Assessment Coordination: working with Project Manager to coordinate interviews, scanning, evidence submission, etc.
- Collection and Review of Evidence: working with lead CISA to collect evidence and artifacts including tasks to evaluate the effectiveness of the evidence to support control requirements.
- Assessment Report QC: working with lead CISA in formatting and proofing assessment report.
- Assessment Report Presentation: working with lead CISA to present the assessment report and explain findings and recommendations.
- Lastly, the AAA-I will be expected to articulate their experience and findings for the general good of the security, audit and compliance industry and Tego clients via blog posts and other mediums of communication.
Interested in applying?
Email resume to info@tegodata.com to apply.