Information Assurance / Security Analyst (FedRAMP / Cloud / FISMA) - Active TS/SCI required

Clearance Level
Top Secret/SCI
Category
Information Security
Location
Washington, District of Columbia

REQ#: RQ91601

Travel Required: Less than 10%
Requisition Type: Regular

The Mid Information Assurance Analyst is responsible for working across teams to evaluate packages for completeness and their readiness to undergo assessment, drive key aspects of continuous monitoring requirements, and contribute to continuous improvements within the FedRAMP program.  This effort includes refining processes where needed to attain and maintain FedRAMP certification, leading related communications and enablement, and managing overall program governance and documentation.

Responsibilities Include:

  • Participate in rapid assessment teams to identify gaps, risks and remediations for information system

  • Identify FedRAMP Boundary components in customer deployments

  • Coordinate with internal stakeholder engineering teams to demonstrate the implementation of security compliance control implementations for technical, management, and operational requirements

  • Perform vulnerability and compliance scanning, when necessary, to analyze results, provide assessments and reviews

  • Audit security control to ensure compliance with cloud requirements and governance models

  • Support the development of technical material, operational processes, security policies, and other core documents

  • Manage compliance metrics

  • Manage and track Plans of Action and Milestones (POA&Ms)


Required skills and experience:

  • Experience writing technical documentation and knowledge of Cloud and Security concepts (including FIPS 199, NIST 800 Series REV 4, FISMA A&A, continuous monitoring, and POA&M management)

  • Experience with writing, editing, and/or managing a wide variety of IT security documentation and familiarity with federal IT standards such as Federal Information Security Management Act (FISMA)

  • Experience interviewing subject matter experts and using knowledge to develop, edit, and revise documentation including standard operating procedures, system security plans, and policies and procedures.

  • Experience with the production and/or editing of technical drawings using MS Visio or similar design tools.

  • Understanding of Third-party Assessment Organizations (3PAO)

  • FedRAMP (Federal Risk Authorization Management Program)

  • FISMA (Federal Information Systems Management Act)

  • NIST RMF (Risk Management Framework) Supporting Systems Security Assessment and Authorization (SA&A) for Federal Agencies

  • Privacy Impact Assessment (PIA)

  • Minimum 4 yrs experience and Bachelor’s degree in Computer Science, Information Technology or related discipline.

  • CISSP, CISA, CISM, GSNA, or similar cybersecurity or information security certification

#GDITpriority

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.