Performs Cybersecurity activities (formally known as IA - Information Assurance) for a large Program; coordinates with government Program staff, USAF, and other government agencies to assist in the creation, dissemination, direction, and auditing of program policy, standards, and operating procedures.Directs and manages team resources to conduct Cybersecurity activities, and reports to senior GDIT and government personnel on overall program security posture.Audits networks and systems for vulnerabilities using Security Technical Implementation Guides (STIGs), ACAS vulnerability scanner, and DISA SCAP to mitigate those findings for Solaris, Linux, Windows, and associated network operating systems.Creates, tracks and reviews Plan of Action and Milestones (POA&Ms) and Risk Acceptances, and conducts a technical decomposition categorization; remediation; and lien resolution.Communicates tactical and strategic threat information to Government leaders, Cybersecurity-Ops and C&A Staff to assist them in making cyber risk decisions and to mitigate threats.Carries out DOD Risk Management Framework in accordance with DODi 8510 to ascertain information systems' security posture by utilizing security control validation activities and coordinating security testing.Maintains the Security Accreditation status of US government/DoD Networks and its interconnected systems; Maintains security accreditation documentation;Coordinates with USAF, DISA, and other organizations in support of audits and inspections and provides any required documentation in support of such audits/inspections such as but not limited to SAVs, ST&Es, and CCRI.Manages the security of information systems assets and the protection of systems from intentional or inadvertent access or destruction.Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.Performs preliminary forensic evaluations of internal systems.Interfaces with client to understand their security needs and oversees the development and implementation of procedures to accommodate them.Ensures that the user community understands and adheres to necessary procedures to maintain security.Weighs business needs against security concerns and articulates issues to management and/or customers.Supervises assigned staff.Maintains current knowledge of relevant technology as assigned.Provides guidance in the creation and maintenance of Standard Operating Procedures and other similar documentationParticipates in special projects as required.
Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
10-12 years of related experience in data security administration, including supervisory experience.Must have effective supervisory skills.Must possess and maintain a TS/SCI Security Clearance Must be able to achieve Security+ CE Certification (or equivalent) within 90 days of hire for positions requiring elevated privileges and ITIL V3 Foundation within six months of hire.Certification in one or more specific technologies may be required, depending on job assignment. IAM Level II (CASP or CISSP) required in accordance with DOD 8570.1MHost Based Security System (HBSS) Certificate/ACAS completion certificate preferredRequires advanced knowledge of data security administration principles, methods, and techniques. Requires familiarity with domain structures, user authentication, and digital signatures. Requires knowledge in the use of a variety of Security Event generating sources (e.g. Firewalls, IDS, Routers, Security Appliances, HBSS, ACAS)Requires expertise in the following concepts is also desired for the successful candidate: DNS security practices, advanced log analysis, network monitoring, network flow analysis, packet capture analysis, network proxies, firewalls, anti-virus capabilities, Linux/UNIX command line, and access control lists.Requires working Knowledge of UNIX/LINUX/Windows/Networking/Database (MS-Access, MS T-SQL and Oracle).Must have the ability to work and set priorities on multiple projects/tasks at once and operate in a dynamic; fast-paced; team-oriented environmentMust liaise with national, NATO and other international bodies and individuals as required.Requires in-depth understanding of DHS/DoD policies and procedures, including FIPS 199, FIPS 200, NIST 800-53 Rev 4, DHS 4300A SSH, the Risk Management Framework (RMF), and other applicable policies. Requires a working knowledge of coalition organizations and procedures, to include writing and implementing multination security test plans to meet US and NATO standards and specificationsThe work is typically performed at client site locations, which requires proper safety precautions; work may require some physical effort in the handling of light materials, boxes or equipment. This position may be required to complete short-term deployments to austere locations worldwide.
The above job description is not intended to be, nor should it be construed as, exhaustive of all responsibilities, skills, efforts, or working conditions associated with this job. Requests for reasonable accommodations will be considered to enable individuals with disabilities to perform the principal (essential) functions of this job.As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.