Princ Analyst, Info Security

company banner
General Dynamics Information Technology
Analysis, Analyst, Director, Management, Risk Management, Security, Simulation, Testing
Full Time
Telecommuting not available Travel not required

Job Description


Job Description

Plan and execute A&A process for both existing and new systems. Facilitate initial briefings and subsequent meetings of the A&A core team.

Recommend security requirements based on appropriate guidance, including controls and measures may be appropriate to mitigate these system vulnerabilities.

Develop, review and evaluate A&A documentation including the System Security Authorization Agreement (SSAA), System Security Plan (SSP), Business Impact Analysis, Risk Assessment, Security Test and

Evaluation (ST&E) plan and report, and independent reviews of the information resource.

Prepare the A&A Evaluation Report and Plan of Action and Milestones (POA&M). Escalate security concerns or forward the A&A Evaluation Report and supporting A&A documentation package to the certifier.

Manages POA&M to ensure necessary security controls and processes are implemented.

Familiar with DoDI 8510.01 and DoDI 8500.2.
* Thorough understanding of the A&A processes and direct experience with the following A&A programs:
+ Director of Central Intelligence Directive (DCID) 6/3 or JFAN 6/3
+ DoD Risk Management Framework
+ DoD Information Assurance Certification and Accreditation Process (DIACAP)
+ National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53
+ Intelligence Community Directive (ICD) 503 (Desired)
+ Security Control Selection, Implementation, and Testing,
* Experience using security scanning software (e.g. Nessus) and risk framework management software (e.g. Telos Xacta)
* Knowledge and understanding of the DoD vulnerability assessment and remediation process
* Develop and maintain documentation including policies and standard operating procedures (SOP)

Education

Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.

Qualifications

8-10 years of related experience in data security administration.

As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.

 

Department: Information Technology


Company Information

As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors. Headquartered in Fairfax, Va., with major offices worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services. General Dynamics Information Technology is one of two business units in the General Dynamics Information Systems and Technology business segment.