|Preferred GIAC Certifications||GSEC, GCIH, GCFA, GCIA, GCFE|
|Contact Name||Alex Lott|
GDIT has an immediate position available supporting a Federal client’s Information Security Program. The cyber analyst position will be responsible for developing and conducting the agency’s Assessment and Authorization program. The candidate should have a good IT foundation and deep experience with understanding the implementation of cyber security controls in the Federal space. The candidate must have excellent verbal and written communication skills to draft agency wide policies and procedures. Candidate must be able to synergize and explain risks in a manner that can translate to all levels of professionals within the CIO office including technical engineers and C suite decision makers.
Developing security assessment plans for systems, including the objectives, scope, schedule, required documentation, possible risks, and other logistical items for security assessments
Manage the agency’s transition to a Risk based approach to accreditations. Implement and provide a roadmap of continuous monitoring capabilities for the agency.
Coordinating access to systems and approvals for scanning activities Conducting ad hoc testing on an as-needed basis to assist with development activities or vulnerability remediation Reviewing system security controls (managerial, operational, and technical) to determine adequacy against federal requirements (e.g., NIST SP 800-53) and mission context
Documenting plans of action and milestones for corrective action following assessment activities and in response to identified vulnerabilities
Draft security policies and procedures including the system security plan, and agency specific policies in accordance with NIST requirements
Routinely conduct risk assessments to quantify impacts of vulnerabilities or decisions to the federal government.
BS in Engineering, Computer Science or related Science degree
Certified Information Systems Security Professional
Minimum of 5 years managing and conducting A&A engagements.
5 years experience in information security fundamental/principles