Cybersecurity Audit Analyst

Chickasaw Nation Industries Rockville Full-Time

The Cybersecurity Audit Analyst provides support to the Indian Health Service (IHS) Division of Information Security (DIS). This position provides program level support in the tracking and remediation of noted deficiencies by coordinating with and responding to internal and external auditors.


Essential duties and responsibilities include the following. Other duties may be assigned.

Responsible for the integration of CNI Core Competencies into daily functions, including: commitment to integrity, knowledge/quality of work, supporting financial goals of the company, initiative/motivation, cooperation/relationships, problem analysis/discretion, accomplishing goals through organization, positive oral/written communication skills, leadership abilities, commitment to Affirmative Action, reliability/dependability, flexibility and ownership/accountability of actions taken.

Assists in responding to requests for information from outside auditors. Implements a process and program to gather and track responsive information.

Implements an effective weakness remediation process, to include reporting and oversight that is aligned with Federal, Department, and Agency policy. Creates a process to track and report remedial actions, Plan of Action and Milestones (POA&Ms), on a quarterly basis.

Monitors the POA&M process. Contacts system owners to confirm remediation projects are progressing as planned and notifies appropriate parties of upcoming deadlines.

Implements a POA&M tracking tool and ensures it is up-to-date.

Ensures that questions, concerns and issues are addressed and communicated appropriately and in a timely manner.

Researches information, policies and practices to appropriately respond to complicated customer related questions.

Assists in meeting mandates, directives, reporting, and other security-related processes with respect to Federal regulations such as FISMA; OMB Circular A-123; Health Insurance Portability and Accountability Act (HIPAA); OMB mandates; Homeland Security Presidential Directives (HSPD); Federal Information Processing Standards (FIPS); NIST guidance implementation, oversight and compliance, including, for example: 800-53 Security Controls, 800-37 Certification and Accreditation, 800-30 Risk Assessments; HHS and Agency directives, guidance and reporting requirements; and industry “best practices and guidance.” This assignment will include significant research, evaluation, recommendation, and documentation development such as security assessment reports, methodologies, briefings, and presentations.

Drives regular audit updates within the department to ensure alignment to audit findings and best practices.

Responsible for aiding in own self-development by being available and receptive to all training made available by the company.

Plans daily activities within the guidelines of company policy, job description and supervisor’s instruction in such a way as to maximize personal output.

Responsible for keeping own immediate work area in a neat and orderly condition to ensure safety of self and co-workers. Will report any unsafe conditions and/or practices to the appropriate supervisor and human resources. Will immediately correct any unsafe conditions to the best of own ability.


Bachelor’s degree in a major field of study, such as computer science, and two (2) years of experience; or equivalent combination of education / experience. Experience in interpreting federal security guidance such as FISMA, FIPS, NIST Special Publications, OMB Mandates, and other federal requirements. Experience with the federal Certification and Accreditation process including conducting reviews such as Security Control Testing and Evaluation (ST&Es), tracking progress, and defining POA&Ms.



CISSP, SANS GIAC, Security+, Network+, Linux+, MCSE, CCNA or SSCP certifications preferred


Familiar with OMB, FISMA, FIPS, HIPAA and other federal regulations and requirements associated with Information Security

Strong written and verbal communications skills with ability to prepare quality reports, presentations, summaries and analysis

Strong interpersonal skills applied to interactions with all levels of authority

Ability to read, analyze, develop and interpret common information systems security documents

Ability to present ideas in business-friendly and user-friendly language

Highly self-motivated and directed

Keen attention to detail

Team-oriented and skilled in working within a collaborative environment


Ability to calculate figures and amounts such as discount, interest, commission, proportions, percentages, area, circumference and volume. Ability to apply concepts of basic algebra and geometry. 


Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.


Ability to read, analyze, and interpret common and technical journals, financial reports, and legal documents. Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community. Ability to write speeches and articles for publications that conform to prescribed styles and format. Ability to effectively present information to top management, public groups, and / or boards of directors.



The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this job. Work is primarily performed in an office environment. Regularly required to sit. Regularly required to use hands to finger, handle, or feel, reach with hands and arms to handle objects and operate tools, computer, and/or controls. Required to speak and hear. Occasionally required to stand, walk and stoop, kneel, crouch, or crawl. Must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, depth perception, and ability to adjust focus. Exposed to general office noise with computers, printers, and light traffic.


Recommended skills

Federal Information Security Management Act
CompTIA Linux+
Risk Analysis
Federal Information Processing Standards (FIPS)
Systems Security Certified Practitioner
Certified Information Systems Security Professional

Job ID: 2019-6950



Chickasaw Nation Industries, Inc. (CNI) was founded as the government contracting arm of the Chickasaw Nation. The vision was to build CNI into a collection of profitable companies. Within a short time CNI has become one of the largest and most successful corporations in the United States.

CNI now owns and manages many business enterprises that collectively employ more than 2,000 people. The long-term strategy of CNI is to continue to grow by expanding the number of federal contracts and through selective acquisition of small 8(a) companies that fit the CNI business model.
