NSWC Crane - A&A Information Assurance Engineer
REQ#: RQ74785 NSWC Crane - A&A Information Assurance Engineer (Open)
Travel Required: None
Public Trust: None
Requisition Type: Regular
Job Description
Be a part of the men and women that solve some of the worlds most complex technical challenges! General Dynamics Information Technology (GDIT) is seeking an Assessment and Authorization Security Specialist to support the Navy Surface Warfare Center in Crane, Indiana.
If you are seeking an opportunity to support our nations military, work at one of the largest naval bases in the US, live in a natural place with low cost of living, low crime and on a program that has many excellent opportunities within a Fortune 100 company - then this position is perfect for you.
The Assessment and Authorization Security Specialist (Information Assurance) will be responsible for the following:
Manage all Information Assurance activities, responsible for enabling the ongoing assessment and ongoing authorization of systems utilizing Risk Management Framework (RMF) and automated Security Assessment and Authorization tools.
Analyzes NIST Security Controls and the Implementation methodologies to the A&A process
Briefs senior level internal and external customers on the latest RMF policies and procedures as well as adherence on the program
Understand and support Privacy Compliance Activities to include the development of Privacy Impact Analysis (PIA)
Facilitates and monitors information assurance (IA) processes for new projects including the development of security authorization packages and the tracking of progress for all Security Control implementations and Plans of Action and Milestones (POA&M)
Gathers developed artifacts and documentation to provide objective quality evidence in support of Authorization packages
Responsible for administration and adherence of the Risk Management Plan
Responsible for ensuring the implementation of applied technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access is in place.
Assesses integrated system solutions ensuring proprietary / confidential data and systems are protected in accordance with mandated standards.
Participates with the client in the strategic process to translate security and business requirements into authorization packages.
Validates secure systems and may test security products/systems to detect computer and information security weakness.
Provides critical written and verbal analyses of previously generated security architecture documentation as a part of vulnerability and risk assessments
Analyzes plans of action and milestones (POA&M) to ensure remediation of findings from vulnerability and risk assessments is occurring.
Analyzes information assurance for digital information, ensuring its confidentiality, integrity, and availability.
Responsibilities include the development of authorization packages to operate IT systems at acceptable levels of risk, monitoring and testing of IT systems for vulnerabilities and indications of compromise, incident response and remediation, the development of appropriate policy, relevant user security awareness and training, and compliance with applicable government and other external standards.
REQUIRED QUALIFICATIONS:
BA/BS in Computer Science or a related technical discipline (or equivalent experience)
5+ years of information assurance experience supporting DoD programs
Experience with the Systems Development Lifecycle (SDLC) and RMF implementaions
Authorization Professional (CAP), Certified Information Security Manager (CISM), or Certified Information Privacy Professional (CIPP-US/G/M) certifications preferable.
Secret clearance
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.