General Dynamics Information Technology (GDIT) is seeking an Information Systems Security Senior Analyst (ISSSA) to support the U.S. Environmental Protection Agency (EPA). In this role, you will maintain security and privacy control implementation deliverables, review cyber security vulnerabilities, and ensure compliance with federal requirements.
Responsibilities:
- Review identified cyber security vulnerabilities and assist with the recommendation, documentation, and implementation of appropriate mitigations or countermeasures
- Conduct and support, when assessed or audited, periodic reviews of the information system to ensure compliance with the security and privacy authorization package (currently NIST 800-53 Rev. 5)
- Review, create, and enhance security and privacy documentation to the system infrastructure or software to ensure continued compliance with security and privacy requirements
- Coordinate the response to the annual continuous monitoring assessment audit, and ensure the system’s continued Authorization to Operate (ATO)
- Ensure audit evidence is collected, reviewed, and documented, including any risk determinations (RDs) and plans of action and milestones (POA&Ms)
- Identify and notify the program manager when changes occur that might affect the authorization determination for the information system
- Provide analysis of systems, hardware, software, and maintenance needs
- Create and review annually the security- and privacy-related documentation
- Develop, coordinate, and conduct training and tabletop exercises related to continuity of operations, contingency planning, incident handling, awareness, etc.
- Update control implementation tools like XACTA to maintain compliance against NIST 800-53 Rev. 5
- Coordinate with other EPA organizational entities to ensure compliance with EPA and other federal requirements, specifications, and reporting
- Prepare reports on the status of system security and privacy, vulnerabilities, responses to
Requirements:
- 5+ years of related experience
- US Citizenship Required: Yes
- Education: Master's or Bachelor's degree in Computer Science, Information Security, Cyber Security, or relevant discipline
- Required Experience: Five (5) years of related experience
- Prior performance in roles such as security, privacy, system administration, and/or networking administration
- Knowledge of NIST SP 800-53 Rev. 5
- Familiarity with system security and privacy within cloud environments and FedRAMP
- Demonstrated experience with risk management and auditing
- Excellent verbal and written communication skills, including the ability to communicate complicated technical information
- Certifications: Security+, CISSP, CISA, CISM, and/or cloud-based security certification (e.g., CCSP, CompTIA Cloud+, or equivalent) preferred
- Clearance Required: Position of Trust or greater (can be obtained after starting)