Princ Analyst, Info Security
Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
- Performs Cybersecurity activities (formally known as IA - Information Assurance) for a large Program; coordinates with government Program staff, USAF, and other government agencies to assist in the creation, dissemination, direction, and auditing of program policy, standards, and operating procedures.Directs and manages team resources to conduct Cybersecurity activities, and reports to senior GDIT and government personnel on overall program security posture.Audits networks and systems for vulnerabilities using Security Technical Implementation Guides (STIGs), ACAS vulnerability scanner, and DISA SCAP to mitigate those findings for Solaris, Linux, Windows, and associated network operating systems.Creates, tracks and reviews Plan of Action and Milestones (POA&Ms) and Risk Acceptances, and conducts a technical decomposition categorization; remediation; and lien resolution.Communicates tactical and strategic threat information to Government leaders, Cybersecurity-Ops and C&A Staff to assist them in making cyber risk decisions and to mitigate threats.Carries out DOD Risk Management Framework in accordance with DODi 8510 to ascertain information systems' security posture by utilizing security control validation activities and coordinating security testing.Maintains the Security Accreditation status of US government/DoD Networks and its interconnected systems; Maintains security accreditation documentation;Coordinates with USAF, DISA, and other organizations in support of audits and inspections and provides any required documentation in support of such audits/inspections such as but not limited to SAVs, ST&Es, and CCRI.Manages the security of information systems assets and the protection of systems from intentional or inadvertent access or destruction.Develops policies to recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.Works closely with the Information Systems Security Engineer on developing policies on preliminary forensic evaluations of internal systems.Interfaces with client to understand their security needs and oversees the development and implementation of procedures to accommodate them.Ensures that the user community understands and adheres to necessary procedures to maintain security.Weighs business needs against security concerns and articulates issues to management and/or customers.Maintains current knowledge of relevant technology as assigned.Provides guidance in the creation and maintenance of Standard Operating Procedures and other similar documentationParticipates in special projects as required.
- 7-10 years of related experience in data security administration, including supervisory experience.Desired supervisory skills.Preferred experience in Air Defense Remote/Radar Remote Site Communications SystemsPossess and maintain a Secret Security Clearance.Requires advanced knowledge of data security administration principles, methods, and techniques.Requires familiarity with domain structures, user authentication, and digital signatures.Requires knowledge in the use of a variety of Security Event generating sources (e.g. Firewalls, IDS, Routers, Security Appliances, HBSS, ACAS)Host Base Security System (HBSS) Certificate/ACAS completion certificate preferredDesired expertise in the following concepts for the successful candidate: DNS security practices, advanced log analysis, network monitoring, network flow analysis, packet capture analysis, network proxies, firewalls, anti-virus capabilities, Linux/UNIX command line, and access control lists.Must have the ability to work and set priorities on multiple projects/tasks at once and operate in a dynamic; fast-paced; team-oriented environmentRequires in-depth understanding of DHS/DoD policies and procedures, including FIPS 199, FIPS 200, NIST 800-53 Rev 4, DHS 4300A SSH, the Risk Management Framework (RMF), and other applicable policies.This position may be required to complete travel assignments an estimated 15% of the time.