Princ Analyst, Info Security - Military veterans preferred

2018-12-07
General Dynamics Information Technology (www.gdit.com)
Other

/yr

  full-time   employee


Chesapeake
Virginia
United States

Information Systems Security Officer

 

 

Position Overview:

 

This is an Information Systems Security Officer (ISSO) position. The individual assigned to this position will have various responsibilities that relate to the protection of Classified and Critical Unclassified Information (CUI) and other security interests which may include: special nuclear material; and various types of proprietary information. 

 

Provides support for a program, organization, system, or enclave's information assurance program. Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies. Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed. Assists with the management of security aspects of the information system and performs day-to-day security operations of the system. Evaluate security solutions to ensure they meet security requirements for processing classified information. Performs vulnerability/risk assessment analysis to support Certification and Accreditation. Provides configuration management (CM) for information system security software, hardware, and firmware. Manages changes to system and assesses the security impact of those changes. Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Authorization and Assessment (A&A) under the Risk Management Framework (RMF) for new and existing information systems.

 

Responsibilities will include, but are not limited to:

 

  • Serve as Information Systems Security Officer (ISSO)
  • Performs computer security functions as assigned, including preparation of System Security Plans (SSPs), computer security briefings, computer/network security audits and inventory
  • Supports security authorization activities in compliance with the Risk Management Framework process (RMF)
  • Provide guidance to other team members for implementing, and enforcing information systems security policies, standards, and methodologies
  • Assist in the evaluation of security solutions to ensure they meet security requirements for processing classified information
  • Be an essential member of the Configuration Control Board (CCB)
  • Evaluate security solutions to ensure they meet security requirements for processing classified information
  • Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies
  • Maintain operational security posture for an information system or program
  • Provide support to the Information System Security Manager (ISSM) for maintaining the appropriate operational IA posture for a system, program, or enclave
  • Provide CM for security-relevant information system software, hardware, and firmware
  • Assist with the management of security aspects of the information system and perform day-to- day security operations of the system
  • Develop system security policy and ensures compliance
  • Administer the user identification and authentication mechanism of the Information System (IS)
  • Participate in the development or revision of security related policies and procedures
  • Manage and control changes to the system and assessing the security impact of those changes
  • Generate and maintain required IS security documentation including Systems Security Plans (SSP), Continuous Monitoring Plans, Security Control Traceability Matrices, Risk Assessments, Plan of Action & Milestones (POA&M), equipment specifications, practices and procedures.
  • Interact with customers, IT staff, and high-level corporate officers
  •  

Qualifications:

8-10 years of related experience in data security administration.

 
 

For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

Education:

Preferred Education/Experience:

 

 

  • Experience in supporting Information Technology (IT) within a classified environment
  • Experience with security hardening, assessment and reporting tools: SNARE, SCAP, ACAS, SPLUNK, and Nessus
  • Knowledge of technical standards relating to systems security; experience administering UNIX, Linux, and Windows operating systems, experience with large-scale server systems, system virtualization and other related peripherals
  • Requires a BS in a related field or 5+ years of relevant work experience
  • Must possess working knowledge of and experience with NISPOM, ICD 503, CNSS 1253, and/or NIST SP 800 series
  • DoD 8570 compliant with a minimum certification of Security +; CISSP, CAP, CISA, CEH, CISM desired
  • Must possess active Secret clearance