Senior Information Security Analyst - TS/SCI - Ft. Huachuca, AZ
Information Security Analyst - Senior/Lead
Ft. Huachuca, AZ
The Senior Information Security Analyst will be the Senior Certification and Accreditation Engineer on the DCGS-A Integration Team responsible for the implementation of the DoD RMF (Risk Management Framework) that supports development, integration, test, and cyber security of the DCGS-A family of systems and products.
Specifically the Senior Certification and Accreditation Engineer will:
1. Create, track, develop, plan, write and edit complex operational, instructional, maintenance or manuals for various DCGS-A systems in order to: meet program requirements for technical documentation and style and Cyber Security requirements.
2. Gather text and materials by researching products and data, conducting in depth interviews with various users, technical staff and subject matter experts in order to analyze, interpret and convert the information into end-user military standard documentation and reference materials.
3. Provide recommendations and ideas to the Cyber Security team, project leads, management and the customer on best work practices, workflow, presentation, structure and organization of materials by developing new work processes and methods using existing authoring tools, new authoring tools and third party plug-ins in order to improve work process efficiency and overall quality of customer deliverables.
4. Report project status, issues or concerns, including issues of scope, and scheduling.
5. Identify security risk analysis, mitigation, evaluation, and reporting in support of IA C&A processes.
6. Develop and prepare technical reports and related documentation for Certification and Accreditation packages.
7. Provide detailed system test and scan reports as well as the Plan of Action and Methods document for all tested systems/networks.
8. Research and analyze DoD and Department of the Army policies to mitigate implementation problems that may impact the ACAS implementation.
Other responsibilities may include:
1. Perform Computer Security Incident Response activities for a large organization, coordinates with other government agencies to record and report incidents.
2. Monitor and analyze Intrusion Detection Systems to identify security issues for remediation.
3. Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
4. Evaluate firewall change requests and assess organizational risk.
5. Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
6. Assist with implementation of counter-measures or mitigating controls.
7. Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
8. Perform periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
9. Prepare incident reports of analysis methodology and results.
10. Provide guidance and work leadership to less-experienced technical staff members.
11. Maintain current knowledge of relevant technology as assigned.
12. Participates in special projects as required.
Bachelor's Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 5-8 years of related experience in data IT security administration.
1. At a minimum must be DoD 8570 IAT Level 2 compliant certified, i.e. Security+ CE or SSCP and technical computer environment certification or training to start. Must be able to obtain IAT Level 3 (CISA, GCIH, GCED, CASP, or CISSP) within 6 months.
2. Current TS/SCI clearance.
3. A bachelor's degree in Computer Science or other Engineering or Technical Discipline and ten years of professional work experience (or twelve years' of professional experience, appropriate computing environment certification, and IA Workforce System Architecture and Engineer (IASAE) Specialty qualified experience in place of a degree) is required.
4. Must be knowledgeable with the Security Technical Implementation Guides (STIGs), and all assessment and authorization policies and directives (i.e., DoDI 8510.01) for RMF.
5. Excellent working knowledge of DoD MIL Standards and style guides and the ability to adhere to and implement such standards to technical documentation.
6. At least 2 years' experience with Microsoft Office at the power user level or above.
7. Familiarity with the DIACAP program.
8. Ability to work independently and in a mentorship position.
1. IAT-III compliant
2. Direct experience with a DCGS-A FOS Accreditation Body of Evidence (BOE) package.
3. Formal EMASS training.
4. FedVTE ACAS certified.
5. Firsthand experience with a successful RMF program.
6. Military experience desired. Completion of U.S military NCO or Senior NCO Academy Course or Officer Basic or Advanced Course is preferred.
7. Exceptional oral and written communication skills, ability to work independently with minimal supervision, and results-focused mindset are highly desirable.
GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.
#djobs #dpost #cjpost #rcellich #clearedjobs #jobopening #clearancejobs