Qureos

Senior FISMA Auditor CISSP, CISA

Company Overview
Brown & Company CPAs and Management Consultants PLLC is a distinguished Certified Public Accounting and Management Consulting firm dedicated to delivering exceptional audit services primarily to the Federal Government. With a rich history dating back to 1983, we specialize in a wide range of audit, accounting, and management support services, including FISMA compliance and information technology reviews.

Overview
We are seeking an energetic and detail-oriented Senior FISMA (Federal Information Security Management Act) Auditor to join our dynamic team. This pivotal role involves leading comprehensive FISMA assessments, ensuring federal agencies’ information security programs meet rigorous standards, and supporting clients in maintaining compliance with government cybersecurity mandates. Your expertise will drive the success of our clients’ security initiatives while advancing your career in a fast-paced, impactful environment.

Responsibilities

  • Lead and perform detailed FISMA audits and assessments for federal agencies, evaluating their information security controls against NIST (National Institute of Standards and Technology) standards.
  • Develop comprehensive audit plans, methodologies, and documentation to ensure thorough evaluation of cybersecurity programs.
  • Collaborate with client teams to identify vulnerabilities, recommend improvements, and verify implementation of security controls aligned with FISMA requirements.
  • Prepare clear, concise audit reports that communicate findings effectively to both technical and non-technical stakeholders.
  • Stay current on evolving federal cybersecurity policies, NIST guidelines, and regulatory changes impacting FISMA compliance.
  • Support internal quality assurance processes by reviewing audit workpapers and ensuring adherence to government auditing standards (Yellow Book).
  • Provide mentorship to junior staff members, fostering a culture of continuous learning and professional development.

Requirements

  • Proven experience conducting FISMA audits or assessments within federal agencies or government contractors.
  • Strong knowledge of NIST Special Publication 800-series guidelines related to cybersecurity controls.
  • Familiarity with federal cybersecurity frameworks, including risk management practices aligned with FISMA requirements.
  • Extensive understanding of information security principles, regulatory reporting, and cybersecurity best practices.
  • Demonstrated ability in detailed financial report writing and analysis for audit documentation.
  • Experience with auditing standards such as GAAS (Generally Accepted Auditing Standards) and COSO (Committee of Sponsoring Organizations).
  • Proficiency with accounting software, financial analysis tools, and cybersecurity assessment platforms.
  • Excellent communication skills for preparing technical reports and presenting findings clearly.
  • Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), or equivalent are highly desirable.

Join us in empowering federal agencies to strengthen their cybersecurity posture through expert auditing! This role offers an exciting opportunity to make a meaningful impact while advancing your expertise in government compliance, risk management, and technical accounting within a supportive professional environment.

Job Types: Part-time, Contract

Pay: $78,398.85 - $94,415.82 per year

Benefits:

  • Work from home

Work Location: Hybrid remote in Greenbelt, MD 20770
