Information Security Analyst - IAVA - TS/SCI

Orlando, FL
Jul 25, 2017
Aug 29, 2017
Full Time
GENERAL SUMMARY: Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction through the participation and support of an Information Assurance Vulnerability Management (IAVA) program.



    Performs scans and document results on a variety of systems to identify vulnerabilities, and potential security issues for remediation to ensure STIG and IAVM compliance.Performs Information Assurance Vulnerability Alert (IAVA) Patch Management for a large organization, coordinates with other government agencies to record and report incidents.Communicates alerts to agencies regarding compromises to their network infrastructure, applications and operating systems.Assists with implementation of counter-measures or mitigating controls.Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.Support the development and testing of Linux and Windows operation system and application lock-down for the training systems consistent with DIACAP and Risk Management Framework (RMF) Requirements.Provides guidance and work leadership to less-experienced technical staff members, and may have supervisory responsibilities.May serve as a technical team or task leader.Maintains current knowledge of relevant technology as assigned.Participates in special projects as required.
Education Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.

Qualifications Position requires 8-10 years of related experience in information assurance and data security administration.


 Required Skills and Abilities:

    Familiarity with Assured Compliance Assessment Solution (ACAS/Tenable SecurityCenter and Nessus).DISA SCAP Compliance Checker (SCC) and Manual STIG Review using DISA STIG Viewer.Experience reviewing and implementing DISA STIGs across a variety of operating systems and technologies including Windows, Linux, Cisco, Oracle, and others.Certified Information Systems Security Professional (CISSP) certificationLinux shell scriptingUnderstanding of DHS/DoD policies and procedures, including DoD 8570, FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH and other applicable policies.Knowledge of Risk Management Framework (RMF), including transitioning from DIACAP to RMF.CISCO IOS administration knowledge, including configuring VLANS. CCNA or CCNP a plus.

Preferred Skills and Abilities:

    Advanced knowledge of Information Assurance, and data security administration principles, methods, and techniques.Red Hat Certified Engineer (RHCE) or Microsoft Certified Systems Engineer (MCSE) and Linux + certifications.VMware Certified Professional 6 Data Center Virtualization (VCP6-DCV) (5.0 or 5.5 or 6.5)Windows PowerShell scriptingOracle Database administration
  As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.