Date Posted: August 15, 2019
Provides information assurance subject matter expertise and support to the customer throughout the life-cycle of the program. Verifies that system security postures are implemented as stated, documents deviations, and recommends actions to correct those deviations. Performs functional analyses and allocation of security controls to meet security requirements.
Determines testing methodologies and verifies information protection assurance mechanisms are correctly implemented and traceable to security requirements. Performs validation steps, comparing actual results with expected results and analyzing the differences to identify impact and risks. Responsible for developing methods to monitor and measure risk, compliance and assurance efforts. Ensures documentation is complete and supports the system's compliance with IT security and dependability requirements.
- Has full technical knowledge of all aspects of Information Security
- Excellent communication skills; shows tact, effective listening skills and follow through
- Provides technical guidance and leadership to engineers with less experience
- Provides input to system life-cycle support plans, operational procedures, and maintenance training materials
- Responsible for ensuring stakeholder concurrence is obtained. Conducts CRRs, drafts C&A documentation to include Security CONOPS, SRTM, SSP, ST&E plans and reports
- Ensures documentation is complete and supports verification of the system security requirements
- Responsible for drafting statements of preliminary or residual security risks for system operation and making technical determinations to mitigate identified risks related to the development of information systems
- Develops Plan of Action and Milestones (POA&M) to address deficiencies
- Provides project management support with initiating, planning, executing, monitoring and controlling, and closing engineering efforts
- Thorough understanding and practical expertise with Intelligence Community Directive 503 (ICD 503) and National Institute of Standards and Technology (NIST) Risk Management Framework
- BA/BS or equivalent + 10 yrs. of experience in Information Security
- Must have a Top Secret-SCI security clearance or be SCI eligible
- CISSP-ISSAP or CISSP-ISSEP - Preferred
For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.