This site uses cookies. To find out more, see our Cookies Policy

Princ. Information Security Analyst in Philadelphia at General Dynamics Information Technology

Date Posted: 11/30/2018

Job Snapshot

Job Description

Performs all procedures necessary to ensure the security of information/control system assets, and protect the data contained within or processed through, from intentional or inadvertent access or destruction. 

SPECIFIC DUTIES & RESPONSIBILITIES:

  1. Creates, Submits, and Validates Assess & Authorize (A&A) packages in accordance with DIACAP/RMF (DoDI 8510.01)
  2. Creates, Submits, and Validates Platform IT (PIT) Assess & Authorize (A&A) packages in accordance with NAVSEAINST 9400.2
  3. Maintains compliance with Federal, DoD and DoN Cybersecurity policies.  Incumbent utilizes extensive knowledge of all areas of cybersecurity to establish operating standards and procedures for the Cybersecurity Program.
  4. Reviews risk analysis and accreditation documentation for timeliness, completeness and accuracy, and ensures that all necessary materials are submitted for review.
  5. Conducts threat and vulnerability analysis to assess and determine effective countermeasures or mitigations that minimize risks and ensure the IS is operational and secure.
  6. Is responsible for cybersecurity oversight & implementation for research, development, test, and evaluation (RDT&E) land based test facility (LBTF) IT assets and represented ship platforms/systems. 

PRINCIPAL DUTIES/RESPONSIBILITIES:

  1. Assists with implementation of counter-measures or mitigating controls for afloat and land-based environments.
  2. Ensures the integrity and protection of tactical/RDT&E networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
  3. Performs periodic and on-demand system audits and vulnerability assessments to determine compliance.
  4. Prepares computer incident reports, which include analysis methodology and results.
  5. Provide cybersecurity technical and administrative support for command assessments and inspections.
  6. Provides guidance and work leadership to less-experienced technical staff members, and may have supervisory responsibilities.
  7. Maintains current knowledge of relevant technology as assigned.
  8. Provide cybersecurity engineering and maintenance in support of the installation and validation ship control systems, components, and methodologies.

Job Requirements

10-15 years of related experience in a cybersecurity-related expertise.

DESIRED SKILLS AND ABILITIES: 

  1. Advanced knowledge of cyber security administration principles, methods, and techniques.
  1. Knowledge of DoDI 8500.2 Information Assurance Control (IAC) and NIST 800-53 Security Control implementation and validation, from a systems engineering perspective, as applied to DoD IS.
  2. Knowledge of Operating System hardening and remediation IAW the DISA Security Technical Implementation Guides (STIGs).
  3. Experience with Assured Compliance Assessment Solution (ACAS) (Nessus), SCAP Compliance Checker (SCC). and the DISA STIG Viewer.
  4. Familiarity with Enterprise Mission Assurance Support Service (eMASS) and associated business rules for completing C&A/A&A packages.
  5. Experience with Microsoft Windows and UNIX (Linux) operating systems.
  6. Knowledge of work planning and resource estimation techniques sufficient to develop milestones and estimate completion dates.
  7. Experience with MS Office applications including Word, Excel, PowerPoint, and Visio. 

Certification Requirements:

  1. Minimum Required Certifications: Certification Authorization Professional (CAP), Security+ Continuing Education (CE), Industry Operating System (OS) certification [e.g. Microsoft Technology Associate (MTA), (Microsoft Certified Solutions Associate (MCSA), or Red Hat Certified Engineer (RHCE)].
  2. Preferred Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Security Leadership Certificate (GSLC), Fully Qualified Navy Validator (FQNV), CompTIA Advanced Security Practitioner (CASP)

Must be able to obtain/maintain Secret clearance.

WORKING CONDITIONS:

The work is typically performed in an office environment and at external client site locations, which requires proper safety precautions; work may require some physical effort in the handling of light materials, boxes or equipment.

Minimal travel is expected (10-15% annually)

For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.



WIIS14