General Dynamics Information Technology Hiring for Information Security Specialist at Kings Bay Full Time

Type of Requisition: Regular

Clearance Level Must Be Able to Obtain: None

Public Trust/Other Required: NACI (T1)

Job Family: Information Security

Project-specific Job Description:

IT Security Specialist Responsibilities

The Information Technology Security Expert will:

• Provide oversight of information systems security program for applications and systems within the eDiscovery Division’s (EDD) authorization to operate (ATO) boundary.

• Ensure EDD on premises and cloud systems obtain and maintain an (ATO).

• Advise EDD Leadership and other team members on the optimal methods to meet security requirements while minimizing impact and delays in meeting mission requirements.

• Develop, update and prepare security authorization packages

• Develop core documents including System Security Plan, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, and Configuration Management Plan

• Maintain Plan of Action and Milestones and supports remediation activities

• Review corrective action plans for audits and internal control reviews and assesses compliance with guidelines for privacy and security controls established by OMB, GAO and NIST.

• Proactively mitigate system vulnerabilities and recommends compensating controls

• Maintain an inventory of hardware and software for the information system

• Develop, coordinate, test and train on Contingency Plans and Incident Response Plans

Should be familiar with the following:

Federal Government Information Assurance policies and regulations to include OMB requirements, FISMA, and NIST 800 series • OMB A-123 circular; OMB A-130 circular; FIPS 140, 199, 200, 201; NIST SP 800-18, 37 Revision 1, 39, 53 Revisions 3 and 4, 53A Revision 1, 60 Volumes 1 and 2, 800-64 Revision 2, 137, 144, 147; CNSS 1253 and risk management methodologies

Requirements:

• Minimum Education: Bachelor’s Degree

• Proficiency in writing technical analysis reports

• Strong written and oral communication skills

• Critical thinking

• Project management (ability to track detailed tasks and ensure timely delivery)

• Ability to work quickly, efficiently and accurately in a dynamic and fluid environment

• Experience and or knowledge of eDiscovery and associated applications (not required, but preferred)

General position duties:

Monitors and analyzes Intrusion Detection Systems (IDS) to identify security issues for remediation

Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information

Evaluates firewall change requests and assesses organizational risk

Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications, and operating systems

Assists with implementation of countermeasures or mitigating controls

Conducts regular audits to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in security plans

Develops, tests, and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools

Safeguards the network against unauthorized infiltration, modification, destruction, or disclosure

Researches, evaluates, tests, and implements new security software or devices

Conducts routine investigations of information systems security violations and incidents, reporting as necessary to management

Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices

Implements, enforces, communicates, and develops security policies or plans for data, software applications, hardware, telecommunications, and information systems security education/awareness programs

Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance

Prepares incident reports of analysis methodology and results

Ensure compliance with regulations and privacy laws

EDUCATION AND EXPERIENCE: BA/BS or equivalent, 3-5 years of experience (5+ strongly preferred)

COVID-19 Vaccination: GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.