Cyber Audit Maturity Lead with Security Clearance

---

Job description

Overview Steampunk is seeking a Cyber Audit Maturity Lead to drive the strategic maturity of our audit team's processes and modernize key areas to support external audits. As the lead, you will introduce process improvements to streamline audit activities, improve efficiency, and ensure seamless integration of results. You will provide strategic oversight, ensuring audit findings are analyzed holistically, with actionable insights that enhance our cybersecurity posture. This role requires stepping back to view audit outcomes across various activities (e.g., Financial Statements Audits, A-123, DHS, OIG, and Internal Audits) and making informed recommendations that align with broader organizational goals. You will be a key figure in translating audit results into practical modernization initiatives that improve compliance and risk management practices. Contributions Lead efforts to modernize and streamline audit processes to enhance efficiency, reliability, and responsiveness in external audit engagements. Identify key areas for improvement and modernize audit workflows, focusing on areas that contribute to overall audit success and cybersecurity enhancement. Serve as the primary point of contact for all audit-related activities, overseeing the full lifecycle of audit response and remediation tasks. Analyze audit outcomes to deliver actionable insights and strategic recommendations to leadership, leveraging audit findings to drive improvements in security compliance and risk management. Oversee the Audit Analysts team, delegating tasks and ensuring alignment with audit goals and strategic priorities. Collaborate with stakeholders across the organization, ensuring that audit processes and findings are communicated effectively, with a focus on continuous improvement. Track and maintain Post Inspection Finding Remediation and Plan of Actions and Milestones (POA&M) Status Report, ensuring up-to-date and accurate information for all relevant internal and external audits. Facilitate technical, operational, and non-technical evaluations across diverse system environments (e.g., network infrastructure, VoIP, OS security, etc.), driving comprehensive audit readiness. Ensure proper documentation of system security processes, privacy compliance, and audit artifacts, working closely with various teams to ensure audit-readiness. Lead the Mission Action Plan for post-audit remediation, tracking milestones, and ensuring timely and thorough remediation activities. Qualifications Ability to hold a position of public trust with the US government. Master's Degree and 3 years of relevant experience; OR Bachelor's Degree and 5 years of relevant experience; OR No degree and 9 years of relevant experience Possession of a professional certification relevant to cybersecurity or audit processes (e.g., CISSP, CISA). Demonstrated ability to lead audit teams, providing strategic oversight, and delivering process improvements. Strong expertise in government audit processes (Financial Statements Audits, A-123, OIG, etc.), with a focus on compliance and cybersecurity risk management. Experience with NIST guidelines, particularly those within the NIST SP 800 series, and other cybersecurity frameworks (e.g., FISMA, FIPS). Strong communication and leadership skills, with a proven ability to guide teams, communicate with stakeholders at all levels, and drive process improvements. Flexibility and adaptability to work in a fast-paced environment with evolving priorities. About steampunk Steampunk is a Change Agent in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors. Through our Human-Centered delivery methodology, we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges. As an employee owned company, we focus on investing in our employees to enable them to do the greatest work of their careers - and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit . We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Steampunk participates in the E-Verify program.

<!– job description page –>