As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors. With approximately 24,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services. General Dynamics Information Technology is an Equal Employment Opportunity and Affirmative Action employer.
General Dynamics IT has an opening for a Certification & Accreditation SME in Washington, DC.
1. Bachelor's Degree in a related discipline.
- Providing Information Technology Security Certification and Accreditation (C&A) guidance.
- Facilitating initial briefings and subsequent meetings of the C&A core team.
- Coordinating the completion of a BIA for each information resource.
- Working with the Privacy Office on privacy-related requirements.
- Recommending security requirements to executive sponsors and portfolio managers during the BIA process based on generally accepted industry practices, the operating environment [e.g., hosted in the de-militarized zone (DMZ)], and the risks associated with the information resource.
- Providing guidance on how information resources are vulnerable to threats, what controls and countermeasures may be appropriate, and the C&A process.
- Reviewing and evaluating C&A documentation, including the BIA, Risk Assessment, Security Plan, Security Test and Evaluation (ST&E) plan and report, and independent reviews of the information resource.
- Preparing the C&A Evaluation Report.
- Escalating security concerns or forwarding the C&A Evaluation Report and supporting C&A documentation package to the certifier.
- Working with the ISSO to complete C&A artifacts and sending the other required artifacts (e.g., TAD and security specifications for procurements) to the ISSO.
2. Master's Degree preferred.
Required experience and qualifications:
13+ years of relevant experience with demonstrated expertise in the proposed discipline.
Knowledge and experience with managing Payment Card Industry (PCI) applications through the C&A process
Experience with a wide variety of NIST Special Publications
Experience with a wide variety of NIST FIPS Publications 10
Government and industry best practices
Assessment of sensitivity and criticality
Configuration and change control
Risk assessment methodology
Business continuity management
Ongoing testing of controls
Defense in depth
Highly desirable experience:
A thorough understanding of the USPS Technology Solution Lifecycle Process (TSLC) and Information Resource Security Certification and Accreditation (C&A) processes.
Managed the end-to-end C&A process for USPS Business Applications and Infrastructure Systems
Secure software development
Security code review standards
Remote access management
Virus and malicious code protection
Intrusion detection and prevention
Vulnerability scans and audit
Highly desirable to hold one or more of the following credentials:
Certified Information Systems Security Professional (CISSP)
Certified Authorization Professional (CAP)
Certified Secure Software Lifecycle Professional (CSSLP)
The successful candidate must be able to obtain and retain a USPS security clearance. The candidate must be authorized to work in the US and have been a resident of the US for the previous 5 years with no absence longer than 90 days.