Information Security Analyst (Senior/Advisor)
Fort Gordon, GA
TS/SCI is required.
Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
Person chosen for this role will know and use senior-level IA and security concepts, practices and procedures; possesses an understanding of compartmented programs; requires detailed knowledge of the IC Directives, DOD Directives, DCID instructions and methods; must have extensive knowledge of the various IT system security implementations (to include: hardware (e.g. servers, routers, etc.), software (e.g. OS, mail services, CISCO ISO, etc.), system audits, overall IA, access control systems and methodologies, physical security and information security); requires experience with system or network administration and design; requires experience in preparing and implementing Certification and Accreditation policies and procedures; requires experience equivalent to those of an IAM; requires experience serving as security oversight of a facility or several system areas; requires experience in performing security assessments of an IT nature; can demonstrate basic project lead skills; requires good verbal and written communications skills; basic office, administrative and organizational skills; and advanced computer skills with Windows OS and Microsoft Office Products.
Perform assigned tasks using established policies and procedures; performs work that is varied, that may be somewhat difficult in character and involves limited supervision; assists with design and requirements for information systems; assists in mentoring intermediate level employees; can serve as an Information Assurance Officer and as a Information Assurance Manager; composes, maintains, and evaluates Certification and Accreditation documentation; ensures system configuration guidelines are followed and monitors system performance for compliance with IA requirements; recommends changes to system designs and configurations; participates and may lead risk assessments of information systems; ensures necessary reporting is captured and maintained for evaluation; ensures conformity of password policies and security counter measures; implement or monitor Information Assurance (IA) safeguards for systems IAW approved plans; can lead conducting tests of IA safeguards in accordance with test plans; perform system audits to assess security related factors for systems; assist with or perform other IA tasks in consonance with Information Assurance Manager; perform other information assurance or administrative tasks; and handle personal, confidential and Privacy Act information in a professional manner.
1. Performs Computer Security Incident Response activities for a large organization, coordinates with other government agencies to record and report incidents.
2. Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
3. Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
4. Evaluate firewall change requests and assess organizational risk.
5. Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
6. Assists with implementation of counter-measures or mitigating controls.
7. Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
8. Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
9. Prepares incident reports of analysis methodology and results.
10. Provides guidance and work leadership to less-experienced technical staff members.
11. Maintains current knowledge of relevant technology as assigned.
12. Participates in special projects as required.
13. Perform ACAS and HBSS scans.
BA/BS Degree or equivalent combination of experience, education and training.
10+ years of experience.
CAP - Certified Authorization Professional
CASP-CompTIA Advanced Security Practitioner
Certified Chief Information Security Officer (CCISO)
GIAC Security Leadership Certificate (GSLC)
For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs and provide mission support services worldwide.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.