SRA International, Inc., A CSRA Company IT Vulnerability Assessment Auditor in Washington, District Of Columbia

Clearance Level Must Currently Possess:

No Active Clearance Required

Clearance Level Must Be Able to Obtain:

No Active Clearance Required


Public Trust

Job Family:

Information Technology

Job Description:

The world of investing is fascinating yet complex. While hundreds of first -time investors are turning to the markets to help pay for their homes, send their children to college and secure their futures the mission of the Securities and Exchange Commission (SEC) is becoming all the more vital. GDIT is excited to support the SEC in as it seeks to protect investors, maintain fair, orderly, and efficient markets, and facilitate capital formation.

The SEC ISS program is a comprehensive IT program charged with operating, managing, and advancing the SEC’s IT infrastructure. Our dynamic program team of IT leaders and large and small business partners is seeking bright, energetic and talented individuals to join us as we bring our innovative IT Service Delivery solutions to SEC. Currently, we are seeking a Vulnerability Assessment Auditor in Washington, DC. The selected candidate must be able to obtain a Public Trust Suitability clearance, per contract requirements.

Duties: Performs business process engineering for remediation of vulnerability found during vulnerability assessments. Records vulnerabilities and documents requirements needed to remediate vulnerabilities.

Required Skills:

  • Must have a minimum of 5 years of related experience as an IT auditor performing vulnerability assessments and audit remediation, specializing in business process engineering.

  • Must have experience accessing system and database vulnerabilities.

  • Experience supporting the development, implementation, and management of Plan of Action and Milestones (POAM) related to IT infrastructure systems.

  • Assists in the resolution of IT vulnerabilities and plans mitigation of POAM findings.

  • Strong communication and organizational skills

Desired Skills:

  • Knowledge of best practice deployment, controls, monitoring, auditing, compliance reporting, and vulnerability management of IT systems

  • CISSP, Security+, or equivalent certification desired but not required

  • Hands-on experience discovering system endpoints, identifying & assessing vulnerabilities, and generating real-time reports

  • Experience generating reports and identifying an appropriate plan of action to achieve security compliance with network security and vulnerability management tools such as Tenable, Splunk, Qualys, Varonis DATADVANTAGE, Microsoft Security Complaince Manager (SCM), Microsoft RAP, and more

  • Experience supporting Government security compliance standards, mandates, and configuration baselines such as FISMA, NIST, STIG, USGCB (previously FDCC) strongly desired

# of Openings:


Scheduled Weekly Hours:


T elecommuting Options:

Telecommuting Not Allowed

Work Location:

USA DC Washington - 100 F St NE (DCC087)

Additional Work Locations:

CSRA is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.


CSRA is tomorrow’s thinking, today. To “Think Next. Now.” is to imagine a better future and to deliver it, today. For our customers, our partners, and ultimately, all the people our mission touches, CSRA is realizing the promise of technology to change the world through next-generation thinking and meaningful results.

We understand that our customers' missions require new methods and imaginative thinking. We bring together government IT professionals, emerging technologies, and the brightest, cutting-edge advisors in the industry to deliver a broad range of innovative, next-generation IT solutions and professional services to help our customers modernize their legacy systems, protect their networks and assets, and improve the effectiveness and efficiency of mission-critical functions for our warfighters and our citizens.

Everywhere you look, CSRA is there. We’re in our nation’s infrastructure, in training and education, in cyber security, in serving veterans who served us—and, so much more. Take some time to learn more about CSRA. You might be surprised to learn how we touch your life.

We are a company of 18,000+ smart, talented individuals, yet we enjoy a start-up culture that inspires us to make a difference while delivering results in this rapidly evolving world. Join our team and use your skills and expertise to support the safety, security, health and well-being of the nation.