Sr. Security Analyst C&A
General Dynamics - IT - Washington, DC

This job posting is no longer available on General Dynamics - IT. Find similar jobs: Senior Security Analyst C jobs - General Dynamics jobs

As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors. With approximately 24,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services. General Dynamics Information Technology is an Equal Employment Opportunity and Affirmative Action employer.

General Dynamics IT has an immediate need for a Senior Security Analyst in a mid-sized federal agency in Washington, DC.

The candidate will develop and/or maintain system Certification and Accreditation (C&A) documentation. Duties will include security plans, Information Assurance (IA), risk assessments, certification test plans and security test cases and evaluations using existing processes and procedures.

Essential Duties:
  • Conduct Certification and Accreditation (C&A) and perform all continuous monitoring functions to maintain Systems Authorization to Operate (ATO).
  • Oversight and maintenance on all POA&M's from the assigned Certification and Accreditations.
  • Develop and complete security plans based on the National Institute of Standards and Technology (NIST) Security Publications.
  • Operate and provide guidance of security program that includes Governance (C&A, Continuous Monitoring, FISMA, NIST and FERC Policies and Procedures), and Operations (Security Operations Center, Vulnerability Management, Incident Response, Security Incident and Event Management).
  • Use risk management techniques to develop and complete risk assessments based on NIST standards to ensure IA design sufficiently mitigates IA risk.
  • Develop and conduct security tests and evaluations based on NIST 800-53A.
  • Act as Member of Computer Incident Response Team (CIRT)
  • Prepare and analyze reports for Security Program Operations as well as Governance.
  • Prepare certification analysis and reports and provide certification recommendations to the client.
  • Provide impact analysis on local Federal Civilian Agency with regard to updates and version changes on NIST 800-53A, SP800-18, SP800-30 and FISMA notices and changes as required.
  • Utilize proficient, clear and concise English written and verbal communication skills in order to effectively interact with clients. Additionally, must be able to communicate with individuals at various levels of expertise in subject areas of concern.
  • Work in a team environment.
  • Bachelor's Degree in a Computer Science or related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.
  • 10-15 years overall experience in related security disciplines.
  • Minimum of five (5) years IT/technical experience including two (2) or more years of progressive information security experience with Federal Government projects.
  • Minimum of two (2) years of hands-on experience in the following:
o Conducting security assessments and documenting the results using NIST 800-53A.

o NIST SP800-18 Guide for Developing Security Plans for Federal Information Systems.

o NIST SP800-30 Risk Management Guide for Information Technology Systems.

o NIST SP800-53 Recommended Security Controls for Federal Information Systems.

  • Familiarity with scanning tools - AppDetective, WebInspect, Websense , Tenable Security Center (Nessus) a plus.
Certifications:
  • One or more of the following IT Security Certifications are required:
o Certified Information Systems Security Professional (CISSP)

o Systems Security Certified Practitioner (SSCP)

o Certification and Accreditation Professional (CAP)

o Microsoft Certified Systems Engineer: Security (MCSE: Security)

o Cisco Certified Security Professional (CCSP)

o Certified Information Security Manager (CISM)

o Certified Information System Auditor (CISA)

o Certified Information Security Manager (CISM)

o GIAC Security Expert (GSE)

o GIAC Systems and network Auditor (GSNA)

  • SANS certifications desired, but not required.
Additional Information

Relocation
No

Security Clearance Level
Background Check

Security Clearance Basis
None

Security Clearance Polygraph
None

Job ID Number
207730

Job Function
Information Technology

Potential for Deployment
No

Take Action

About this company
614 reviews
General Dynamics Corporation (General Dynamics) offers a portfolio of products and services in business aviation; combat vehicles, weapons...