Risk Analyst - IT Governance, Risk, and Compliance

Location
Herndon USA-VA-Fairfax USA-MA-Westwood, VA
Posted
May 03, 2017
Closes
May 26, 2017
Function
Analyst, IT
Hours
Full Time
The Risk Analyst is responsible for supporting the IT governance and risk management processes including assessment of third party, cloud and cyber controls for the GDIT enterprise.
Specific responsibilities include:


• Document IT risks across third party, cyber and cloud environments to ensure protection of GDIT assets
• Maintain and regularly update the centralized IT risk registry in support of the enterprise IT risk management program
• Collaborate with cloud access security broker, application service providers and business line units to develop standards, processes and control design documentation in support of regulatory control frameworks
• Partner with leadership and/or key stakeholders to provide recommendations to reduce IT risk
• Document risk treatment plans and monitor remediation actions through the Plan of Action & Milestone (POAM) process
• Develop key performance indicator (KPI) / key risk indicator (KRI) metrics and communicate reporting to leadership on a periodic basis
• Provide support to the IT Project Management Office (PMO) processes to ensure risks are proactively discussed and managed
• Support cyber control testing, entity governance reviews and internal/external audit engagements, as deemed necessary
• Perform ad hoc special projects, as deemed necessary

Education
BBA/BS/MS/MBA degree or a related technical discipline, or the equivalent combination of education, professional training or work experience.

Qualifications
• 2-5 years of related experience in IT governance, IT risk management, third party assessments and/or cloud security frameworks
• Working knowledge and/or familiarity with NIST 800-53, NIST 800-30, Defense Federal Acquisition Regulations Supplement (DFARS) and/or Plan of Action & Milestone (POAM)
• Relevant industry certifications preferred

As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors. With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services. GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.