|Date Posted||March 9, 2018|
In support of the General Dynamics (GD) Enterprise Cyber Network Defense (ECND) program, GD Information Technology (GDIT) seeks an Auditor skilled in cybersecurity and cyberspace defense processes, procedures, and governance that will provide impactful contributions to the Cyber Security Auditing section.
The qualified candidate will be responsible for Risk Management Framework (RMF) Security Control Assessment and Authorization (A&A) of management, operational, and technical security controls used to protect, detect, characterize, counter and mitigate network and system vulnerabilities and security events, to improve the security posture of Department of Defense (DOD) and Intelligence Community (IC) networks and information systems.
The candidate will perform recurring, world-wide RMF A&A on behalf of the Defense Intelligence Agency (DIA) Cybersecurity Service Provider (CSSP) Program Management Office (PMO) for General Services (GENSER), and Special Access Program (SAP) / Special Access Requirements (SAR) CSSPs in accordance with (IAW) DODI-8530.01, CJCS 6510 series, and IC Directives and Standards; and for sites connected to the Joint Worldwide Intelligence Communications (JWICS) backbone IAW DIA JWICS Connection Approval Program (JCAP) policy.
- Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
- Conducting world-wide SAP/SAR and GENSER CSSP security control assessments to improve services and standards
- Conduct internal assessments of the DIA CSSP SAP/SAR and GENSER program
- Coordinate remediation of DIA internal assessment findings with responsible DIA support offices to ensure mitigation
- Provide monthly Plan of Action and Milestones (POAM) metrics for DIA internal assessments
- Develop auditor requirements and recommendations for Cyberspace Defense Services (CDS) assessments for sites connected the JWICS backbone in support of JCAP
- Perform security assessments at remote sites with collateral (includes, but not limited to, NIPR/SIPR) and/or TS/SCI under DIA’s purview and/or managed by DIA, includes all organizations with networks connected to Core backbone & their backsides.
- Perform security assessments of contractor sites processing and storing DIA collateral (includes but not limited to, NIPR/SIPR) and/or DOD TS/SCI data.
- Assists with implementation of counter-measures or mitigating controls
- Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information
- May perform Computer Security Incident Response activities for a large organization, coordinates with other government agencies to record and report incidents.
- May perform periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
- May serve as a technical team or task leader.
- Maintains current knowledge of relevant technology as assigned.
- Participates in special projects as required.
Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
The contract requires 8 years of related experience in data security administration, or cybersecurity knowledge domain areas.
- Must have both DoD 8570 IAT II and CND-SP Auditor certifications.
- Requires TS/SCI
- Must be willing to obtain and maintain a CI Polygraph.
As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.