Technology Shared Services (TSS) is looking for an Governance, Risk and Compliance Analyst Sr. The tasks to be performed are as follows:
Ability to work across multiple projects simultaneously.
Expertise in various security platforms including but not limited to: firewalls, intrusion detection systems, two-factor authentication systems, antivirus systems, secure email gateway appliances, web filtering proxy, security information and event management (SIEM) platforms, data-loss prevention, vulnerability detection, content filtering and identity and access management.
Expertise in designing secure networks, systems and application architectures. Disaster recovery technologies and methods. Planning, researching and developing security policies, standards and procedures. System administration, supporting multiple platforms and applications. Cloud platform-as-a-service (PaaS) security. Automating security testing tools.
Track identified risks and exceptions, and manage to resolution via POAMs.
Requires strong analytic and problem solving capabilities and the ability to identify solutions and recommendations that effectively address business and control needs along with how to train and guide others in this area.
Requires a proven record of meeting commitments and achieving goals through the encouragement, guidance and influencing of others
Strong team player – collaborates well with others to solve problems and actively incorporates input from various sources; Strong communication / leadership skills.
Requires ten plus years of experience in Information Technology, Information Security, IT Assurance, IT Governance, Risk Management and/or Business Continuity Management.
Conducts regular assessments of site implementation of FISMA controls to support Continuous Monitoring.
Performs computer security Incident Response activities, coordinates with virtual security team to record and report incidents.
Provides security expertise in FISMA, OMB, NIST and federal government requirements to support IT Security and Privacy compliance.
Leads execution of ATO and POA&M activities, developing all supporting documentation to demonstrate resolution.
Supports vulnerability management and responds to vulnerability reports for applicability, taking remedial actions.
Supports program assessment and authorization activities.
Maintains current knowledge of relevant technologies and security rends.
Reviews Security Plans and other accreditation documentation and implements actions which accurately reflects the security protection measures for unclassified information system.
Works closely with the System Administrator and engineers to maintain the system's security and accreditation status.
Knowledge of developing, documenting and implementation of business process and/or procedures
Serves as an informational resource to users for all IT
Requires one or more of the following governance, risk, assurance or security certifications: CISSP, CRMA, CGEIT, CRISC, CISM, CISA, CBCP, GIAC or related governance certifications.
Requires highly effective verbal, written and interpersonal communication skills.
Requires flexibility and willingness to work with a wide range of personalities on a variety of projects while prioritizing effectively.
5+ years of related experience in IT Cyber security administration.
Must have practical experience with FISMA / NIST / government security requirements.
Government related cyber security: 5 years (Required)
NIST, OMB, and or RMF: 5 years (Preferred)
ISSO: 1 year (Preferred)
DoD Security Clearance of Secret and/or Top Secret
Bachelor’s Degree in related technical discipline, or the equivalent combination of education, professional training or work experience
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.