Information Security / FISMA Compliance Senior Analyst

Clearance Level: Secret
Category: Information Security
Location: Arlington, Virginia

REQ#: RQ66392

Travel Required: None
Public Trust: NACI (T1)
Requisition Type: Regular

General Dynamics Information Technology (GDIT), a leading provider of systems engineering, integration, IT service operations and support solutions, is seeking talented professionals to deliver valuable services and solutions to our customers.  GDIT has a great team consisting of experienced and knowledgeable managers who lead and support the career development objectives of our employees.  Our employees consider the company to be a solid partner in their career, with an abundance of opportunities for advancement.

General Dynamics Information Technology is seeking a Security Compliance Engineer working with OFDA in support of USAID, located in Arlington, Virginia. The Security Compliance Engineer will assist in the review, preparation, and implementation of security documentation and related security plans, CONOPS, and SOPs.  Supports security incident investigations while identifying root causes and corrective actions. 

  • Development of System Security Plans
  • Processes required to achieve and maintain all Authority to Operate (ATO) & Interim Authority to Test (IATT) approvals
  • Reporting on Federal Information Security Management Act (FISMA)
  • Creation and management of all Plans of Action and Milestones
  • Review and compliance activities associated with Continuous Monitoring and Risk Scoring / RMF
  • Strong communication, leadership, and organizational skills
  • Document relevant NIST 800-53 Security Controls and/or applicable departmental policies for each assigned FISMA system
  • Ensure IT systems in assigned FISMA boundary are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package
  • Conduct annual self-assessment and annual Ongoing Authorization reviews of Information Systems to ensure compliance with the security authorization package
  • Coordinate with systems administrators to perform system scans for continuous monitoring to include but not limited to network devices, servers, databases, web services, applications, etc.
  • Perform compliance audits and participate in incident handling
  • Perform review of audit logs and continuous monitoring tools for systems within the FISMA boundary to identify anomalies, hacking or insider threats, zero-day remediation steps, end-of-life software, and other required actions
  • Evaluate changes to determine security relevance, and make recommendations for approval or denial
  • Generate Plans of Action & Milestones (POA&Ms) for each non-compliant control for each managed IT system
  • Proper documentation shall be filed and updated as required
  • Manage applicable POA&Ms throughout the lifecycle of the IT system. This includes but is not limited to the drafting of well documented waivers and exceptions detailing the potential risk to the Authorizing Official

Required Qualifications:

  • Minimum of five (5) years of experience
  • Active Public Trust or Secret Clearance

Desired Qualifications:

  • BA/BS in an IT-related field or commensurate experience
  • IAT I Level certification and CompTIA Security+ Certification are desired
  • Experience with tracking and reporting procedures, and familiarity with FISMA, RMF, and other information security-related federal guidelines
  • Experience in testing and evaluation of security controls
  • Ability to evaluate threats and vulnerabilities, document and report findings and make recommendations for improvement

For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
