Senior Cybersecurity Assessor

We are seeking an experienced and highly skilled Senior Cybersecurity Assessor to join our dynamic team. The successful candidate will play a crucial role in independently assessing and enhancing the information security posture of our client, with a focus on compliance with the Federal Information Security Modernization Act (FISMA), National Institute of Standards and Technology (NIST) standards, and other relevant cybersecurity frameworks. The Senior Cybersecurity Assessor will lead performance audits, ensuring the thorough evaluation of security controls, risk management processes, and overall cybersecurity resilience.

Responsibilities:

• FISMA Compliance: Conduct comprehensive FISMA compliance assessments, aligning with the latest Office of Management and Budget (OMB) and Department of Homeland Security (DHS) Inspector General (IG) FISMA Guidance.

• Audit Program Development: Develop and implement robust audit programs based on IG FISMA Reporting Metrics, NIST standards, and other pertinent cybersecurity frameworks.

• Security Documentation: Oversee the creation, maintenance, and review of security documentation throughout the Risk Management Framework (RMF) lifecycle, ensuring compliance with NIST SP 800-37.

• Performance Audits: Lead independent performance audits, assessing the effectiveness of information security programs and practices. Evaluate cybersecurity controls across the five Cybersecurity Framework functions: Identify, Protect, Detect, Respond, and Recover.

• Collaboration: Coordinate with internal and external stakeholders, including USPS OIG and client personnel, to plan and execute entrance and exit conferences, ensuring effective communication of audit objectives, findings, and recommendations.

• Reporting: Draft, review, and finalize audit reports, including discussion drafts, interim reports, and final reports. Ensure alignment with USPS OIG policies and reporting requirements.

• Continuous Improvement: Stay abreast of evolving cybersecurity threats, industry best practices, and regulatory changes. Provide recommendations for continuous improvement of information security programs.

• Bachelor's degree in Cybersecurity, Information Technology, or a related field. Master's degree preferred.
• Minimum of 8 years of experience in cybersecurity, with a focus on FISMA compliance and performance auditing.
• Strong understanding of NIST standards, particularly NIST SP 800-53, and other relevant cybersecurity frameworks.
• Professional certifications such as CISSP, CISA, or CISM are highly desirable.
• Proven experience leading and conducting performance audits, preferably in a federal or regulatory environment.
• Excellent communication skills, both written and verbal, with the ability to present complex cybersecurity concepts to diverse audiences.
• Strong project management skills, including the ability to manage multiple tasks and deadlines.
• If you are a highly motivated cybersecurity professional with a passion for ensuring the integrity and sec

Americans with Disabilities Act (ADA): XLA is committed to the full inclusion of all qualified individuals. As part of this commitment, XLA will ensure that persons with disabilities are provided reasonable accommodations in the hiring process. We encourage qualified individuals with disabilities to apply. If a reasonable accommodation is needed to participate in the job application or interview process or to perform essential job functions, please contact our HR team by phone at 703-584-8317 or via email at humanresources@xla.com.  For persons who are deaf, hard of hearing, deafblind, or deaf-disabled, XLA will provide an American Sign Language (ASL) interpreter where needed as a reasonable accommodation for the hiring processes.