Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Jobs - Sr SOC Incident Responder Washington, DC GSEC, GCIH, GCFA, GCIA, GCFE InfoSec Jobs

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This listing has expired and therefore is not publicly viewable.

Sr SOC Incident Responder
Location Washington, DC
Preferred GIAC Certifications GSEC, GCIH, GCFA, GCIA, GCFE
Travel 0%
Salary DoE
Contact Name Alex Lott
Contact Email alex.lott/at/
Expires 2018-08-29

Job Description

GDIT has an immediate position available supporting a Federal client’s Information Security Program. The cyber analyst position will be responsible for developing and conducting the agency’s Assessment and Authorization program. The candidate should have a good IT foundation and deep experience with understanding the implementation of cyber security controls in the Federal space. The candidate must have excellent verbal and written communication skills to draft agency wide policies and procedures. Candidate must be able to synergize and explain risks in a manner that can translate to all levels of professionals within the CIO office including technical engineers and C suite decision makers.

Responsibilities include:

Developing security assessment plans for systems, including the objectives, scope, schedule, required documentation, possible risks, and other logistical items for security assessments
Manage the agency’s transition to a Risk based approach to accreditations. Implement and provide a roadmap of continuous monitoring capabilities for the agency.
Coordinating access to systems and approvals for scanning activities Conducting ad hoc testing on an as-needed basis to assist with development activities or vulnerability remediation Reviewing system security controls (managerial, operational, and technical) to determine adequacy against federal requirements (e.g., NIST SP 800-53) and mission context
Documenting plans of action and milestones for corrective action following assessment activities and in response to identified vulnerabilities
Draft security policies and procedures including the system security plan, and agency specific policies in accordance with NIST requirements
Routinely conduct risk assessments to quantify impacts of vulnerabilities or decisions to the federal government.

Desired Experience:

BS in Engineering, Computer Science or related Science degree
Certified Information Systems Security Professional
Minimum of 5 years managing and conducting A&A engagements.
5 years experience in information security fundamental/principles