NSWC-Crane Info. Security Analyst Senior

Clearance Level
Secret
Category
Information Security
Location
Odon, Indiana

REQ#: RQ46724

Travel Required: None

General Dynamics Information Technology (GDIT) is seeking a Vulnerability Assessment and Authorization Security Specialist to support our Navy customer in Crane Indiana.

If you are seeking an opportunity to support our nation's military, work at one of the largest naval bases in the US, live in a place with low cost of living, low crime and on a program that has many excellent opportunities within a Fortune 100 company - then this position is perfect for you. Be a part of the men and women that solve some of the world's most complex technical challenges!

The Vulnerability Assessment and Authorization Security Specialist will be responsible for the following:

  • Manage all Information Assurance activities, responsible for enabling the ongoing assessment and ongoing authorization of systems utilizing Risk Management Framework (RMF) and automated Security Assessment and Authorization tools.
  • Implements NIST Security Controls and Control Implementation methodologies to the SA&A process
  • Briefs senior level internal and external customers on the latest RMF policies and procedures as well as adherence on the program
  • Understand and support Privacy Compliance Activities to include the development of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN)
  • Facilitates and monitors information assurance (IA) processes for new projects including the development of security authorization packages and the tracking of progress for all Security Control implementations and Plans of Action and Milestones (POA&M)
  • Development of all Security Authorization artifacts and documentation and assembling of Authorization packages
  • Responsible for administration and adherence of the Risk Management Plan
  • Responsible for implementing and applying technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access.
  • May provide intrusion support to high technology investigations in the form of network assessments.
  • Researches tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and network and device security and encryption.
  • Assesses integrated system solutions ensuring proprietary / confidential data and systems are protected in accordance with mandated standards.
  • Participates with the client in the strategic process to translate security and business requirements into authorization packages.
  • Validates secure systems and may test security products/systems to detect computer and information security weakness. Assists in the generation of security architecture documentation.
  • Provides critical written and verbal analyses of previously generated security architecture documentation as a part of vulnerability and risk assessments.
  • Designs and implements plans of action and milestones (POA&M) to remediate findings from vulnerability and risk assessments. 
  • Provides information assurance for digital information, ensuring its confidentiality, integrity, and availability.
  • Responsibilities include the development of authorization packages to operate IT systems at acceptable levels of risk, monitoring and testing of IT systems for vulnerabilities and indications of compromise, incident response and remediation, the development of appropriate policy, relevant user security awareness and training, and compliance with applicable government and other external standards.

Education and Experience:

  • Bachelor’s Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience
  • 8+ years of related experience in data security administration
  • Well-developed understanding of Systems Development Lifecycle (SDLC)
  • Intimate understanding of RMF implementation guidance.
  • Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP), Certified Information Security Manager (CISM), or Certified Information Privacy Professional (CIPP-US/G/M) certifications preferable.
  • Secret Security Clearance

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.