Cybersecurity Audit Manager

- Lead the planning, coordination, and tracking of cybersecurity audits and assessments, including FISMA, OMB A-123, FMFIA, and OIG and GAO engagements. - Maintain the cybersecurity audit risk register, managing risks, remediation plans, ownership, milestones, and progress. - Prepare packaged responses, corrective action plans (CAPs), audit artifacts, and final documentation for submission to oversight bodies. - Create or enhance audit playbooks, process documents, and guidance materials to ensure standardized engagement execution. - Organize entrance/exit conferences, walkthroughs, interviews, site visits; manage information requests and deadlines. - Assist in developing risk summaries, dashboards, and program-level reporting (e.g., audit activity status, open items, milestones). - Oversee and monitor risks associated with High Value Assets (HVAs) and audit findings, providing regular updates to leadership. - Ensure that coordination efforts are in alignment with NIST RMF, NIST CSF, FISMA, relevant OMB guidance, and DOC cybersecurity policies. - Track identified weaknesses and recommendations to support audit readiness and evidence planning. - Act as the primary point of contact among OCRM, OCOS, ESOC, DOC Operating Units, auditors, and assessment teams. - Maintain clear communication, provide regular status updates, and address issues as necessary to uphold schedules and quality. - Create concise briefings and summaries for leadership and audit stakeholders at critical milestones (entrance, fieldwork, exit, close-out). - Use CSAM (GRC) for the systematic control of system security documentation and status. - Manage engagement workflow and artifacts through the DOC Audit Management System (ServiceNow); maintain request logs, evidence, and dashboards. - Employ collaboration/reporting tools (e.g., SharePoint, Excel/Power BI, MS Project) for repository management, trackers, and executive-ready summaries.