General Dynamics Information Technology (GDIT) is a global technology and professional services company supporting the U.S. Environmental Protection Agency (EPA). They are seeking a Senior Cyber Security Analyst to maintain and enhance security and privacy controls based on NIST standards, ensuring the operational security of critical systems.
Responsibilities:
- Review identified cyber security vulnerabilities and assist with the recommendation, documentation, and implementation of appropriate mitigations or countermeasures
- Conduct and support, when assessed or audited, periodic reviews of the information system to ensure compliance with the security and privacy authorization package (currently NIST 800-53 Rev. 5)
- Review, create, and enhance security and privacy documentation to the system infrastructure or software to ensure continued compliance with security and privacy requirements
- Coordinate the response to the annual continuous monitoring assessment audit, and ensure the system’s continued Authorization to Operate (ATO)
- Ensure audit evidence is collected, reviewed, and documented, including any risk determinations (RDs) and plans of action and milestones (POA&Ms)
- Identify and notify the program manager when changes occur that might affect the authorization determination for the information system
- Provide analysis of systems, hardware, software, and maintenance needs
- Create and review annually the security- and privacy-related documentation
- Develop, coordinate and conduct training and tabletop exercises related to continuity of operations, contingency planning, incident handling, awareness, etc.
- Update control implementation tools like XACTA to maintain compliance against NIST 800-53 Rev. 5
- Coordinate with other EPA organizational entities to ensure compliance with EPA and other federal requirements, specifications, and reporting
- Prepare reports on the status of system security and privacy, vulnerabilities, responses to
Requirements:
- 5+ years of related experience
- US Citizenship Required: Yes
- Education: Master's or Bachelor's degree in Computer Science, Information Security, Cyber Security, or relevant discipline
- Prior performance in roles such as security, privacy, system administration, and/or networking administration
- Knowledge of NIST SP 800-53, Rev. 5
- Familiarity with system security and privacy within cloud environments and FedRAMP
- Demonstrated experience with risk management and auditing
- Excellent verbal and written communications skills, including the ability to communicate complicated technical information
- Security+, CISSP, CISA, CISM, and/or cloud-based security certification (e.g. CCSP, CompTIA Cloud+, or equivalent) preferred
- Clearance Required: Position of Trust or greater (can be obtained after starting)